citrix
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute various commands using the Membrane CLI (
membrane) to manage Citrix resources, including logging in, searching for connectors, and running actions. - [EXTERNAL_DOWNLOADS]: Installs the
@membranehq/clipackage globally via npm. This is a vendor-provided tool necessary for the skill's functionality. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes data from external API responses.
- Ingestion points: Untrusted data enters the agent context through the output of
membrane action runandmembrane requestcalls to the Citrix API. - Boundary markers: Absent. There are no instructions to use delimiters or ignore embedded instructions within the retrieved data.
- Capability inventory: The agent has the capability to execute shell commands via the
membraneCLI and perform network operations through the proxy functionality. - Sanitization: No sanitization or validation logic is defined for the external content before it is processed by the agent.
Audit Metadata