cloud-elements
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the official Membrane CLI tool (@membranehq/cli) from the public NPM registry.\n- [COMMAND_EXECUTION]: The skill uses the Membrane CLI to perform network operations and manage local integration states via commands like
membrane connect,membrane action run, andmembrane request.\n- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it retrieves and processes external metadata from the Cloud Elements API.\n - Ingestion points: External data is brought into the agent context through
membrane action listandmembrane connection listin SKILL.md.\n - Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands in the retrieved API data.\n
- Capability inventory: The skill can execute shell commands (
membrane action run) and perform network requests (membrane request).\n - Sanitization: There is no explicit logic for sanitizing or escaping the data returned from external API calls before it is processed by the agent.
Audit Metadata