basiq
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads the Membrane CLI tool from the npm registry to enable interaction with the Membrane platform.
- [COMMAND_EXECUTION]: Uses the
membranecommand-line interface to manage authentication, list connections, and execute financial data actions. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes untrusted data from the Basiq API.
- Ingestion points: API responses retrieved via
membrane action runandmembrane requestcommands. - Boundary markers: None identified in the skill instructions.
- Capability inventory: Ability to execute arbitrary actions and proxy requests via the CLI based on data-driven inputs.
- Sanitization: Not explicitly documented; relies on the agent's internal safety filters.
Audit Metadata