amazon-sagemaker

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the Membrane CLI (@membranehq/cli) via npm, which is the official tool from the vendor for this integration.
  • [COMMAND_EXECUTION]: Instructions are provided for running various membrane CLI commands (login, search, connect, action run) to manage Sagemaker resources.
  • [DATA_EXFILTRATION]: The skill facilitates data movement to and from Amazon Sagemaker via the Membrane proxy, which manages authentication and credential lifecycle server-side.
  • [PROMPT_INJECTION]: The skill processes external data from Amazon Sagemaker, identifying an indirect prompt injection surface. Evidence chain:
    1. Ingestion points: Sagemaker records and metadata.
    2. Boundary markers: None specified.
    3. Capability inventory: Subprocess calls to the Membrane CLI for running actions and requests.
    4. Sanitization: No explicit data validation or sanitization is mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 08:55 AM