axesso-data-service-amazon
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the npm registry. This is a verified utility provided by the vendor (membranedev) to facilitate secure integrations.
- [COMMAND_EXECUTION]: The workflow relies on executing membrane CLI commands to manage connections and perform data queries. This is the intended and necessary method for using the service.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests Amazon product data, such as titles and reviews, through the Axesso API actions (e.g., lookup-product). While this introduces external data into the agent's context, it is central to the skill's primary function and managed through structured CLI calls rather than unsafe string interpolation.
Audit Metadata