attendance-giriton
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/cliNode.js package. This is an official command-line tool from the vendor (Membrane) used for authentication and interacting with the connector ecosystem. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform operations such as searching for connectors, establishing connections, and executing API actions. These commands are necessary for the skill's documented functionality. - [PROMPT_INJECTION]: An indirect prompt injection surface was identified.
- Ingestion points: The agent retrieves data from the external Attendance GIRITON API through
membrane requestandmembrane action runcommands. - Boundary markers: There are no explicit instructions or delimiters provided to isolate the external API data from the agent's internal instruction set.
- Capability inventory: The skill possesses the capability to perform network requests and execute further CLI-based actions based on processed data.
- Sanitization: The skill does not mention any validation or sanitization of the content returned from the GIRITON API.
Audit Metadata