algolia-search
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation guides the user to install the @membranehq/cli package from the official NPM registry. This is a standard procedure for utilizing the vendor's integration tools.
- [COMMAND_EXECUTION]: The skill uses the membrane CLI to execute actions and proxy requests to the Algolia API, which is the primary intended functionality for this integration.
- [PROMPT_INJECTION]: The skill ingests data from Algolia Search results. While this constitutes a potential surface for indirect prompt injection, it is an expected part of the search functionality and is mitigated by the agent's core safety filters.
- Ingestion points: Output from membrane action run and membrane request commands.
- Boundary markers: None specified in this integration logic.
- Capability inventory: Subprocess execution of the membrane CLI for action and request management.
- Sanitization: Relies on the user/agent to handle retrieved data safely.
Audit Metadata