campayn
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation guides the user to install the @membranehq/cli package from the NPM registry. This tool is the official command-line interface provided by the skill's author and is necessary for operation.
- [COMMAND_EXECUTION]: Several commands utilizing the membrane CLI are detailed for logging in, managing connections, and executing actions. These commands are fundamental to the skill's functionality and do not exhibit malicious intent.
- [DATA_EXFILTRATION]: The skill facilitates the transfer of data between the user's environment and the Campayn API via a proxy mechanism. This is the intended purpose of the integration and is used for marketing data management.
- [PROMPT_INJECTION]: Because the skill retrieves and processes external content such as contact details and email campaign data, it has an inherent surface for indirect prompt injection. However, no specific malicious instructions or bypass attempts were found in the static content.
Audit Metadata