bigmailer
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from npm, which is the official command-line interface for the Membrane platform. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform operations such as authentication (membrane login), resource management (membrane search,membrane connect), and executing BigMailer actions (membrane action run). It also allows for direct API requests viamembrane request. - [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection by processing external data from the BigMailer API (such as contact information or campaign data) that could be manipulated to influence agent behavior.
- Ingestion points: Data is retrieved from BigMailer via actions like
list-contacts,get-brand, and direct proxy requests. - Boundary markers: None are specified in the instructions to separate untrusted data from agent instructions.
- Capability inventory: The agent can execute a variety of commands and network requests using the
membraneCLI as described inSKILL.md. - Sanitization: No explicit sanitization or validation of data retrieved from BigMailer is mentioned.
Audit Metadata