0codekit
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use the membrane CLI to run actions, manage connections, and perform proxy requests to external APIs.
- [EXTERNAL_DOWNLOADS]: Directs users to install the @membranehq/cli package via NPM to enable functionality.
- [PROMPT_INJECTION]: The skill is designed to process data from a wide array of external services including databases, emails, and chat messages, which creates a significant surface for indirect prompt injection.
  - Ingestion points: Data retrieved from 0codekit actions and proxy requests documented in SKILL.md.
  - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the documentation.
  - Capability inventory: Subprocess execution via the Membrane CLI.
  - Sanitization: The documentation does not specify any sanitization or validation steps for content retrieved from external integrations.
Audit Metadata