agencyzoom

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE · COMMAND_EXECUTION · EXTERNAL_DOWNLOADS · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the membrane CLI to execute various operations such as connecting to the service (membrane connect), listing actions (membrane action list), and performing API requests (membrane request). These commands are essential for the skill's functionality.
  • [EXTERNAL_DOWNLOADS]: The documentation instructs the user to install the @membranehq/cli package globally using npm. This is a vendor-provided tool necessary for the integration logic and is considered a standard dependency for the platform.
  • [PROMPT_INJECTION]: This skill presents a surface for indirect prompt injection.
      • Ingestion points: Data ingested from AgencyZoom via membrane action run or membrane request is returned to the agent context.
      • Boundary markers: There are no explicit boundary markers or instructions to the agent to disregard potential instructions within the retrieved data.
      • Capability inventory: The skill can execute CLI commands that perform write operations and network requests through the Membrane proxy.
      • Sanitization: The skill does not implement specific sanitization or validation of the data retrieved from the AgencyZoom API before it is processed by the agent.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 4, 2026, 08:55 AM