123formbuilder
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the
@membranehq/cliNode.js package, which is a vendor-owned tool for the Membrane platform. - [COMMAND_EXECUTION]: Uses the
membraneCLI to execute actions and requests against the 123FormBuilder API. - [PROMPT_INJECTION]: Potential surface for indirect prompt injection.
- Ingestion points: External data enters the agent context via form submissions and records retrieved through the CLI as described in
SKILL.md. - Boundary markers: Absent; there are no instructions for the agent to use delimiters or ignore instructions potentially embedded within the fetched form data.
- Capability inventory: The skill provides access to the
membraneCLI for running actions and making network requests, as demonstrated in the 'Running actions' and 'Proxy requests' sections. - Sanitization: Absent; the instructions do not specify any data validation or escaping for external content retrieved from 123FormBuilder.
Audit Metadata