alexishr
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to install the
@membranehq/clinpm package globally. This is a vendor-owned tool used to interact with the Membrane platform. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line tool to perform actions such as logging in, searching for connectors, and executing API calls. These commands are necessary for the skill's intended functionality of managing AlexisHR data. - [PROMPT_INJECTION]: The skill retrieves and processes data from the AlexisHR API, which introduces an indirect prompt injection surface where data managed within the HR system could influence the agent.
- Ingestion points: Data retrieved via
membrane action runandmembrane requestcommands as specified in SKILL.md. - Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potential commands within the retrieved data.
- Capability inventory: The skill executes shell commands using the
membraneCLI tool. - Sanitization: The documentation does not describe any specific sanitization or validation steps for the data received from the external API.
Audit Metadata