coderpad

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the membrane command-line interface to interact with CoderPad data, including running actions and making proxy requests.
  • [EXTERNAL_DOWNLOADS]: The instructions direct the user to install the official @membranehq/cli package to facilitate the integration.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from an external platform (CoderPad).
      • Ingestion points: Content from pads (via get-pad-environment) and organization-level data are brought into the agent context in SKILL.md.
      • Boundary markers: There are no explicit markers or instructions defined to prevent the agent from following directions found within the retrieved CoderPad data.
      • Capability inventory: The skill provides broad capabilities via the membrane CLI, including the ability to run any available action or make raw HTTP requests.
      • Sanitization: No validation or escaping of external content is specified before the data is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 07:42 AM