businesslogic
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the Membrane CLI tool from the official NPM registry using
npm install -g @membranehq/cli. This is a standard procedure for utilizing the vendor's integration toolchain. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to manage connections and execute actions on the BusinessLogic platform. These commands are the primary mechanism for the skill's intended functionality. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill facilitates communication with
businesslogic.comandgetmembrane.comto manage business data. Authentication is handled server-side by the Membrane platform, which is a security best practice as it prevents the exposure of API keys within the agent's environment. - [INDIRECT_PROMPT_INJECTION]: The skill processes data from the BusinessLogic platform, including potentially processing Excel documents. While this creates a theoretical surface for indirect prompt injection if external data contains malicious instructions, no exploitable vulnerability was found in the static instructions.
Audit Metadata