asin-data-api
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the public NPM registry. This tool is the official CLI provided by the vendor to facilitate interaction with the Membrane platform. - [COMMAND_EXECUTION]: The skill executes the
membraneCLI tool to perform authentication and run actions that interface with the ASIN Data API. These operations are part of the intended functionality for managing e-commerce data. - [PROMPT_INJECTION]: The skill ingests and processes product data from the ASIN Data API, such as product descriptions and reviews, which constitutes a surface for indirect prompt injection. Ingestion points: External product data returned via the
membrane action runcommand. Boundary markers: No specific delimiters or warnings to ignore embedded instructions are present in the skill documentation. Capability inventory: The skill uses CLI commands to perform network requests and manage actions on the Membrane platform. Sanitization: The skill does not implement or specify sanitization for the data retrieved from the API.
Audit Metadata