build-product-integrations

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Membrane CLI (npx @membranehq/cli) to perform tasks such as logging in, searching for integrations, and running actions on connected apps.
  • [EXTERNAL_DOWNLOADS]: Fetches and installs official vendor packages including @membranehq/cli, @membranehq/sdk, and @membranehq/react from public registries.
  • [PROMPT_INJECTION]: The skill processes data from third-party applications (e.g., Slack, HubSpot), creating an attack surface for indirect prompt injection.
      * Ingestion points: External app data retrieved via Membrane Actions and Data Collections.
      * Boundary markers: No delimiters or ignore instructions specified in the skill.
      * Capability inventory: Executes actions in third-party apps via CLI/API.
      * Sanitization: No explicit validation of external content described.
  • [SAFE]: All operations, including credential storage in ~/.membrane/credentials.json and network calls to api.getmembrane.com and api.integration.app, are standard for the integration services provided by the author.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 26, 2026, 12:03 PM