Skills
skills/membranedev/application-skills/amazon-sagemaker/Gen Agent Trust Hub

amazon-sagemaker

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli package from the public npm registry. This is a vendor-owned CLI tool required for interaction with the Membrane platform.
  • [COMMAND_EXECUTION]: Uses membrane commands to authenticate users, search for available Sagemaker actions, and execute machine learning tasks.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface by processing data retrieved from Sagemaker actions.
  • Ingestion points: Output from membrane action run in SKILL.md.
  • Boundary markers: None present in the skill instructions.
  • Capability inventory: Ability to create and run Sagemaker actions, models, and jobs in SKILL.md.
  • Sanitization: No specific sanitization or validation of external data is specified.
  • [SAFE]: Implements secure credential handling by using a centralized connection manager, preventing the need for local API keys or tokens.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 04:49 PM