calendarific
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package via npm and uses npx to execute the latest version. These are official command-line tools provided by the vendor (membranedev) to facilitate interaction with their platform.
- [COMMAND_EXECUTION]: The instructions direct the agent to execute various shell commands using the membrane CLI, including logging in, searching for connectors, and making authenticated API requests.
- [PROMPT_INJECTION]: The skill facilitates the retrieval of holiday data from the external Calendarific API. This data is ingested into the agent's context and processed without explicit boundary markers or sanitization, which could allow maliciously crafted API content to influence agent behavior (indirect prompt injection).
- Ingestion points: Holiday data retrieved via membrane action run and membrane request commands in SKILL.md.
- Boundary markers: None present.
- Capability inventory: The agent has the ability to execute shell commands using the membrane CLI.
- Sanitization: No data validation or escaping is applied to the API responses before they are processed by the agent.
Audit Metadata