attio
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clitool from the official NPM registry. This is a vendor-provided tool required for the skill to function. - [COMMAND_EXECUTION]: The skill executes
membraneCLI commands to perform CRM operations such as listing records, searching for connectors, and running actions. - [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it processes external CRM data from Attio (Ingestion: list-records, get-note in SKILL.md; Capabilities: create-record, membrane request; Boundary markers: absent; Sanitization: absent).
Audit Metadata