clarify
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install the @membranehq/cli package from the official npm registry. This is a trusted vendor tool used to facilitate communication with the Membrane platform.
- [COMMAND_EXECUTION]: Uses the membrane CLI to perform searches, manage connections, and execute actions. These commands are limited to the intended functionality of the platform and do not involve unauthorized privilege escalation or persistence.
- [PROMPT_INJECTION]: The skill processes data from the Clarify API, which serves as a potential surface for indirect prompt injection from external support records.
- Ingestion points: Data returned from the Clarify API via membrane action run and membrane request commands.
- Boundary markers: No specific delimiters or instructions to ignore embedded commands are included in the guide.
- Capability inventory: The agent interacts with the environment via shell commands using the membrane CLI.
- Sanitization: The skill relies on the Membrane platform's internal handling of structured API responses.
Audit Metadata