zabbix
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the @membranehq/cli Node.js package, which is the official command-line tool for the Membrane platform. This follows the standard integration pattern for skills authored by membranedev.
- [SAFE]: Authentication is managed through the Membrane platform using membrane login and membrane connection ensure, ensuring that sensitive API keys and session tokens are handled server-side rather than being exposed in the agent's environment or hardcoded in scripts.
- [SAFE]: All network activity and API interactions are performed through the membrane request proxy or pre-built actions, which provide a controlled environment for communicating with Zabbix endpoints.
- [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection as it ingests monitoring data from Zabbix.
- Ingestion points: Data retrieved from Zabbix hosts, items, and problems via membrane action run and membrane request commands in SKILL.md.
- Boundary markers: Absent; there are no specific delimiters to isolate external data from instructions.
- Capability inventory: The agent has the ability to execute membrane CLI commands and perform network operations via the proxy.
- Sanitization: No specific sanitization or filtering of external monitoring data is implemented in the skill instructions.
Audit Metadata