bizzon
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
membraneCLI for core integration tasks such as authentication and API interaction in SKILL.md. - [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage from the official NPM registry to enable interaction with the Membrane platform. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection via data retrieved from the Bizzon API. 1. Ingestion points: Data enters the context through
membrane action runandmembrane requestcommands in SKILL.md. 2. Boundary markers: Boundary markers are absent; the skill does not define specific delimiters to separate external data from system instructions. 3. Capability inventory: The agent can execute shell commands using themembraneCLI tool as documented in SKILL.md. 4. Sanitization: Sanitization is absent; no validation or filtering of the external API responses is described.
Audit Metadata