alttextai
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from NPM, which is an official tool provided by the vendor and a trusted resource.
- [COMMAND_EXECUTION]: Integration functionality is delivered through the membrane CLI, allowing the agent to manage connections and execute actions within the AltText.ai ecosystem.
- [PROMPT_INJECTION]: The skill processes data from the AltText.ai API (such as generated alt text and project info), which constitutes a standard ingestion surface for indirect prompt injection.
  1. Ingestion points: Data is received via membrane action run and membrane request commands in the SKILL.md file.
  2. Boundary markers: The skill does not specify the use of delimiters for external content.
  3. Capability inventory: The agent has the ability to execute shell commands using the membrane CLI.
  4. Sanitization: No explicit sanitization or validation of the fetched data is described in the documentation.
Audit Metadata