carapi
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the public npm registry, which is the official tool provided by the vendor. - [COMMAND_EXECUTION]: The skill uses shell commands via the
membraneCLI to manage connections and execute actions. These operations are within the scope of the skill's intended purpose for automotive data management. - [DATA_EXFILTRATION]: The skill facilitates data exchange with the CarAPI service through the
membrane requestcommand, which utilizes the vendor's proxy infrastructure to manage authentication and request routing. - [PROMPT_INJECTION]: The skill acts as an interface for external data, which introduces a surface for indirect prompt injection. \n
- Ingestion points: Results from
membrane action runandmembrane requestare processed by the agent. \n - Boundary markers: None present in the provided instructions. \n
- Capability inventory: The skill utilizes the
membraneCLI for network and configuration tasks. \n - Sanitization: The skill relies on the agent's default processing of command output.
Audit Metadata