circle-1
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @membranehq/cli package from the official NPM registry to provide the necessary tooling for platform interaction.
- [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform administrative tasks, connection management, and to trigger integration logic for managing Circle data.
- [DATA_EXFILTRATION]: The skill performs network operations to interact with Circle's API and Membrane's proxy service to manage community records and automate data flows.
- [REMOTE_CODE_EXECUTION]: The skill uses npx to fetch and execute the latest version of the @membranehq/cli tool to discover available actions for integration.
- [PROMPT_INJECTION]: The skill processes data from the Circle community platform, representing a potential surface for indirect prompt injection from untrusted external content. * Ingestion points: Community data is ingested from Circle API endpoints via membrane actions and proxy requests. * Boundary markers: No specific delimiters or isolation instructions are included to separate external content from the agent's internal instructions. * Capability inventory: The skill has the capability to execute shell commands and perform network requests through the membrane CLI. * Sanitization: No explicit sanitization or validation of the content retrieved from the Circle platform is mentioned.
Audit Metadata