codescene
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official @membranehq/cli package from the NPM registry to facilitate integration.
- [COMMAND_EXECUTION]: It utilizes the membrane command-line tool to interact with the CodeScene API, manage projects, and run analyses.
- [PROMPT_INJECTION]: The skill processes external analysis data from CodeScene. Ingestion points: Data retrieved from CodeScene API via membrane action run and membrane request commands. Boundary markers: None identified. Capability inventory: Execution of membrane CLI commands. Sanitization: None identified. This represents an inherent attack surface for indirect prompt injection that is part of the primary skill purpose.
Audit Metadata