builtwith
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and installs the official
@membranehq/cliglobal package from the NPM registry to enable platform interaction. - [COMMAND_EXECUTION]: Uses the
membraneutility to perform terminal-based operations, including account login, action discovery, and executing requests against the BuiltWith API. - [PROMPT_INJECTION]: Ingests potentially untrusted data such as domain profiles, keywords, and social metadata from the BuiltWith API. 1. Ingestion points: Results from API actions and proxy requests (SKILL.md). 2. Boundary markers: No delimiters or ignore-instructions are used for external data. 3. Capability inventory: Command execution and network requests via the
membranetool. 4. Sanitization: No evidence of data validation or escaping before processing. This combination creates an indirect prompt injection surface.
Audit Metadata