amazon-eks
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the @membranehq/cli package via NPM. This tool is provided by the vendor (membrane) to facilitate secure integration with their platform and Amazon EKS.\n- [COMMAND_EXECUTION]: Uses the membrane CLI to manage EKS resources, including searching for connectors, establishing connections, and running predefined actions. These commands are standard for the tool's intended functionality.\n- [SAFE]: Authentication is handled via the CLI's browser-based flow (membrane login), which ensures that sensitive AWS credentials or API tokens are managed server-side by Membrane and never stored directly within the skill code.\n- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes data from Amazon EKS clusters.\n
- Ingestion points: Data retrieved via
membrane action runormembrane requestcommands.\n - Boundary markers: Not explicitly defined; relies on structured JSON output from the CLI.\n
- Capability inventory: The skill can modify EKS resources (clusters, node groups) via CLI commands.\n
- Sanitization: Data is returned in JSON format, requiring the agent to interpret structured fields rather than executing raw content.
Audit Metadata