21risk
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the global installation of the @membranehq/cli package from the official NPM registry. This package is owned and maintained by the skill's author, membranedev, and is used to facilitate communication with the 21RISK API.
- [COMMAND_EXECUTION]: Utilizes the membrane command-line interface to perform several operations including user authentication (membrane login), connection management (membrane connect), and API interaction (membrane action run, membrane request). These commands are necessary for the skill's primary functionality of managing data within the 21RISK SaaS platform.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests data from external 21RISK API endpoints via the membrane CLI. Ingestion points: Output from membrane action run and membrane request commands in SKILL.md. Boundary markers: The skill instructions do not specify any delimiters or ignore-instructions markers for the ingested data. Capability inventory: The skill can execute network requests and CLI commands to interact with the SaaS environment. Sanitization: No explicit sanitization or validation of the API response content is mentioned in the skill definition.
Audit Metadata