7shifts

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the @membranehq/cli package globally via NPM. This is a vendor-owned resource used for interacting with the Membrane platform.
  • [COMMAND_EXECUTION]: The skill uses the membrane CLI to perform operations such as searching for connectors, connecting accounts, and running actions. This is the primary intended behavior of the skill and does not involve arbitrary or dangerous command execution.
  • [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists because the skill processes data from the 7shifts API (e.g., employee information, shifts, and announcements) which could contain malicious instructions. Evidence:
      1. Ingestion points: Output from CLI commands like membrane action run.
      2. Boundary markers: Not present in the provided instructions.
      3. Capability inventory: Ability to list, create, and update 7shifts HR and scheduling data.
      4. Sanitization: No explicit sanitization of API data is performed before presentation to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 08:55 AM