zitadel
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the `@membranehq/cli` package from the NPM registry. This is a vendor-controlled package required for the skill to communicate with the Membrane platform.
- [COMMAND_EXECUTION]: The skill utilizes several `membrane` CLI commands to manage identity data and automate workflows. These commands are standard for the tool's operation and are used as intended for the ZITADEL integration.
- [PROMPT_INJECTION]: The skill processes external data from ZITADEL through the `membrane action run` command, which represents a potential surface for indirect prompt injection. However, there is no evidence of instructions that attempt to bypass safety filters or override agent behavior.
Audit Metadata