apideck
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from npm. This is a vendor-owned resource from the skill author (membranedev) used to provide the skill's core functionality. - [COMMAND_EXECUTION]: The skill executes various
membraneCLI commands to manage authentication, search for connectors, and run API actions. - [PROMPT_INJECTION]: The skill processes untrusted data from the Apideck API, which creates a surface for indirect prompt injection. 1. Ingestion points: Data is received via
membrane action runandmembrane requestcommands. 2. Boundary markers: No explicit boundary markers or delimiters are defined for the API response data. 3. Capability inventory: The skill has the capability to execute subprocesses (via the CLI) and perform network operations. 4. Sanitization: No explicit sanitization or validation of the retrieved API data is performed before it is presented to the agent.
Audit Metadata