cloudbees

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
Flagged categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI tool globally using npm from the vendor's official package scope (@membranehq/cli).
  • [COMMAND_EXECUTION]: The skill extensively uses shell commands to interact with the Membrane CLI for logging in, connecting to services, searching for actions, and running integrations.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes data from external CloudBees environments and uses it within the agent context.
      • Ingestion points: Data retrieved from CloudBees via 'membrane action list' and 'membrane action run' commands enters the agent's context.
      • Boundary markers: The skill does not define specific delimiters or instructions to the agent to ignore potentially malicious content within the retrieved data.
      • Capability inventory: The agent can execute subprocesses via the 'membrane' CLI, creating a path for potential exploitation if malicious instructions are processed.
      • Sanitization: There is no evidence of sanitization or validation of the content returned from external API calls before it is presented to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 25, 2026, 01:34 PM