bearer
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install
@membranehq/cliglobally via NPM. This is a legitimate utility provided by the skill's author (membranedev) to facilitate integration. - [COMMAND_EXECUTION]: Uses the
membraneCLI to perform various operations including authentication, searching for connectors, and executing actions. These commands are standard for the tool's intended functionality. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from the Bearer API, which could contain malicious instructions.
- Ingestion points: External data enters the context through the output of
membrane action runandmembrane requestcommands. - Boundary markers: The instructions do not define specific delimiters or instructions for the agent to ignore potentially malicious content within API responses.
- Capability inventory: The skill has the capability to execute shell commands via the
membraneCLI and send arbitrary HTTP requests via themembrane requestproxy. - Sanitization: There is no evidence of sanitization or validation of the data retrieved from external endpoints before it is processed by the agent.
Audit Metadata