appsmith
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing the
@membranehq/clipackage from the NPM registry. This is the official tool provided by the vendor (membranedev) for the purpose of managing API connections and is a trusted source. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform data management tasks such as searching for connectors, connecting to Appsmith, listing actions, and running queries. These commands are necessary for the skill's primary function and are used in a standard manner. - [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection as it processes data from Appsmith API responses.
- Ingestion points: Data entering the context through
membrane action listandmembrane requestcommands. - Boundary markers: Not specified in the current instructions.
- Capability inventory: The skill uses
membrane action runandmembrane requestfor network operations and CLI interactions. - Sanitization: The skill delegates authentication and request structure to the Membrane platform, reducing the likelihood of malicious command construction.
Audit Metadata