cats
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the
@membranehq/clipackage from npm, which is the official tool for the Membrane platform. - [COMMAND_EXECUTION]: Uses
membraneCLI commands to manage connections and execute API actions. These are documented as standard operations for the integration. - [CREDENTIALS_UNSAFE]: Implements secure identity management by using Membrane's server-side connection system, explicitly advising against manual API key handling.
- [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists because the skill processes data from the external CATS API.
- Ingestion points: Outputs from
membrane action list,membrane action run, andmembrane requestcommands. - Boundary markers: None identified in the provided instructions.
- Capability inventory: Execution of CLI commands via subprocesses.
- Sanitization: No specific sanitization logic is described for the API response data.
Audit Metadata