appointedd
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the npm registry. This is the official command-line interface provided by the vendor (Membrane) to manage integrations. - [COMMAND_EXECUTION]: The skill utilizes multiple
membraneCLI commands to perform operations such as authentication (membrane login), connection management (membrane connect), and executing API actions (membrane action run). These commands are necessary for the skill's core functionality. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it retrieves and processes data from an external source (the Appointedd API).
- Ingestion points: Data ingested from Appointedd endpoints (e.g., list-bookings, get-customer) via the
membraneCLI. - Boundary markers: None explicitly implemented within the skill instructions to separate external data from agent instructions.
- Capability inventory: The skill has the ability to execute network requests and perform write operations (create/update/delete bookings) via the CLI.
- Sanitization: No specific sanitization or filtering of API responses is mentioned before processing.
Audit Metadata