affinity
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the Membrane CLI tool (@membranehq/cli) from the official NPM registry. This is a trusted dependency for the Membrane platform.\n- [COMMAND_EXECUTION]: Uses the
membranecommand-line interface for auth and CRM operations. This is the intended functional path for the skill.\n- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection through data ingested from Affinity CRM.\n - Ingestion points: Processes CRM data including people, organizations, and notes (SKILL.md).\n
- Boundary markers: None used to separate untrusted CRM data from agent context.\n
- Capability inventory: Capability to create or update CRM records (SKILL.md).\n
- Sanitization: No explicit sanitization or data validation is mentioned.
Audit Metadata