action-builder
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
@membranehq/clipackage via npm. This is a vendor-owned resource from 'membranedev' required for the skill to function. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to manage connections and execute actions. These operations are restricted to the functionality provided by the vendor's own command-line tool. - [PROMPT_INJECTION]: The skill includes patterns where user input is interpolated into CLI commands, such as
membrane action runandmembrane request. This represents a potential indirect prompt injection surface. - Ingestion points: Data from the user is used to populate command flags like
--input,--query, and path parameters. - Boundary markers: The instructions do not define specific delimiters for separating user-provided content from the command structure.
- Capability inventory: The skill enables the agent to perform network requests and execute remote actions via an authenticated CLI tool.
- Sanitization: No explicit sanitization or validation steps are provided in the instructions for user-supplied data.
Audit Metadata