memberstack-cli
Warn
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill requires the global installation of the `memberstack-cli` package via npm. This package is not hosted in a trusted repository or organization defined in the security policy, posing a supply chain risk.
- [DATA_EXFILTRATION] (LOW): The skill documentation explicitly identifies the location of sensitive authentication tokens (`~/.memberstack/auth.json`) and provides commands to export member databases to local files. While intended for management, these patterns define a sensitive data surface.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill includes commands to import members and records from external CSV and JSON files (`memberstack members import`, `memberstack records import`).
  - Ingestion points: `references/members.md`, `references/records.md`
  - Boundary markers: None present.
  - Capability inventory: Execution of shell commands via `memberstack-cli`, file read/write access.
  - Sanitization: No validation or sanitization of file contents is mentioned or implemented.
- [COMMAND_EXECUTION] (LOW): The skill is designed to facilitate local shell command execution of the Memberstack CLI. This is the intended primary purpose of the skill.
Audit Metadata