axesso-data-service-amazon
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage via npm. This is the official command-line interface for the Membrane platform, providing a secure way to manage integrations. - [COMMAND_EXECUTION]: Integration logic is implemented through shell commands using the
membraneCLI, which handles authentication and data requests. - [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection (Category 8) by ingesting external data.
- Ingestion points: Untrusted product data and reviews are retrieved from Amazon through the Axesso API (referenced in SKILL.md).
- Boundary markers: The skill does not currently implement specific delimiters or 'ignore' instructions for processed data.
- Capability inventory: The agent can execute shell commands, manage connections, and create new actions via the Membrane CLI.
- Sanitization: No automated sanitization of external Amazon content is described in the integration logic.
Audit Metadata