applitools
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the user to install the
@membranehq/clipackage from NPM. This is a resource provided by the vendor (membranedev) to manage authentication and execute integration logic. - [COMMAND_EXECUTION]: The skill relies on executing CLI commands (e.g.,
membrane login,membrane action run,membrane request) to interact with the Applitools API and manage the integration state. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection where untrusted data from external sources could influence the agent.
- Ingestion points: The agent ingests data from external sources via
membrane action list,membrane connection list, andmembrane request(Applitools API responses). - Boundary markers: No specific delimiters or "ignore embedded instructions" markers are defined for the data returned from these commands.
- Capability inventory: The skill has the capability to execute API actions (
membrane action run) and arbitrary HTTP requests (membrane request) based on the data it processes. - Sanitization: There is no evidence of sanitization or validation of the external content before it is interpolated into the agent's context.
Audit Metadata