ceridian-dayforce
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from the official NPM registry, which is the intended and safe method for interacting with the vendor's platform.
- [COMMAND_EXECUTION]: The instructions involve executing standard membrane CLI commands to manage connections and run actions, representing normal functionality for this integration.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface common to integrations that process external data.
- Ingestion points: Data retrieved from Ceridian Dayforce via membrane action run commands.
- Boundary markers: Not specified in the current instructions.
- Capability inventory: The agent can execute shell commands through the membrane CLI tool.
- Sanitization: No specific sanitization or filtering of external system output is documented.
Audit Metadata