autodesk-revit
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from the official NPM registry. This utility is provided by the author (membranedev) to facilitate the integration.
- [COMMAND_EXECUTION]: The skill executes various system commands using the membrane CLI, including authentication login, action discovery, and API proxy requests. These commands are standard operations for interacting with the Membrane platform.
- [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection from external data. Ingestion points: Output from Revit API actions and proxy requests are processed by the agent. Boundary markers: The skill does not define specific delimiters for separating API data from instructions. Capability inventory: The skill can execute CLI commands and perform network operations through the Membrane proxy. Sanitization: No explicit validation or sanitization of data returned from the Revit API is performed.
Audit Metadata