amazon-cognito
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI tool (@membranehq/cli) globally via NPM.
- [REMOTE_CODE_EXECUTION]: Includes instructions to use npx for executing the latest version of the vendor tool (@membranehq/cli@latest), which involves fetching and executing code from a remote registry.
- [COMMAND_EXECUTION]: The skill operates by executing shell commands through the membrane CLI, including authentication (membrane login), connection management (membrane connect), and service interaction (membrane request).
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing external data from the Amazon Cognito service. 1. Ingestion points: Amazon Cognito data retrieved via membrane request or actions. 2. Boundary markers: None specified in the documentation. 3. Capability inventory: Ability to execute shell commands via membrane action run. 4. Sanitization: No explicit sanitization or validation of Cognito data is described.
Audit Metadata