actian
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the '@membranehq/cli' package from npm. This tool is provided by the verified vendor to handle authentication and API communication securely.
- [COMMAND_EXECUTION]: The skill executes the 'membrane' CLI to perform searches, connect to data sources, and run database actions. These commands are standard operations for managing Actian data via the Membrane platform.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes data retrieved from Actian databases.
- Ingestion points: Data is ingested via 'membrane action run' and 'membrane request' commands as described in SKILL.md.
- Boundary markers: No specific delimiters or boundary markers are defined to isolate untrusted data from instructions.
- Capability inventory: The skill has the capability to execute CLI commands and perform network operations through the Membrane proxy.
- Sanitization: No explicit sanitization or filtering of database content is implemented in the instructions.
Audit Metadata