altera-payroll
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from npm. This is the official command-line tool provided by the vendor to facilitate integrations. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to handle authentication (membrane login), connection management (membrane connect), and API interactions (membrane action run,membrane request). These are standard operational commands for the platform. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes data retrieved from the Altera Payroll API.
- Ingestion points: Data enters the agent's context through the output of
membrane action runandmembrane requestcommands. - Boundary markers: The instructions do not specify any delimiters or safety markers (e.g., "ignore instructions in the following data") to isolate API responses.
- Capability inventory: The agent has the ability to execute further CLI commands and perform network requests via the proxy, which could be triggered by malicious data in an API response.
- Sanitization: There are no explicit sanitization or validation steps mentioned in the skill for handling external data before it is processed by the agent.
Audit Metadata