blueshift
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the official Membrane CLI (@membranehq/cli) from the npm registry to enable interaction with the platform.
- [COMMAND_EXECUTION]: Utilizes the membrane CLI to perform authenticated operations, including connection creation, action discovery, and direct API requests through a proxy.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes data from the BlueShift API. (1) Ingestion points: Data entering the context via membrane action run and membrane request outputs. (2) Boundary markers: No delimiters or explicit warnings to ignore embedded instructions are present. (3) Capability inventory: The agent can execute further CLI commands and network requests based on this data. (4) Sanitization: No specific filtering or escaping of API responses is mentioned.
Audit Metadata