bitly
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage via npm. This is a vendor-owned resource for the 'membranedev' organization and is used for its intended purpose of managing platform integrations. - [INDIRECT_PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection as it processes data from external sources (Bitly) and provides capabilities to execute actions based on that data.
- Ingestion points: Data retrieved via
membrane action runandmembrane action listfrom the Bitly API. - Boundary markers: None specified in the instructions for delimiting external content.
- Capability inventory: The
membraneCLI allows for network operations and action execution through the Membrane platform. - Sanitization: No explicit sanitization or validation steps are documented for the external data before it is processed by the agent.
Audit Metadata