beebole
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage globally via npm. This is a vendor-provided tool from Membrane for managing integrations. - [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line tool to perform authentication, discover Beebole actions, and execute API requests. These commands are necessary for the skill's primary purpose. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8):
- Ingestion points: Data is ingested from the Beebole API via
membrane action runandmembrane requestcommands (e.g., project names, task descriptions). - Boundary markers: The instructions do not define specific delimiters or instructions to the agent to distinguish between instructions and data returned from the API.
- Capability inventory: The skill allows the agent to execute shell commands (
membrane) and modify data in an external system (Beebole). - Sanitization: There is no explicit sanitization or validation of the external API data before it enters the agent's context.
Audit Metadata