comeet
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user or agent to install the `@membranehq/cli` package from the NPM registry. This is a vendor-provided tool necessary for the skill's functionality and is considered a standard dependency for this platform.
- [COMMAND_EXECUTION]: The skill relies on the execution of various shell commands using the `membrane` CLI to manage connections, discover actions, and perform API requests. These commands are the primary mechanism for the skill's operation.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted data from the Comeet API and the Membrane platform.
  - Ingestion points: External data enters the agent context through the outputs of `membrane action list`, `membrane connection list`, and `membrane request`.
  - Boundary markers: The instructions do not define explicit boundary markers or delimiters to isolate this external data from the agent's internal instruction set.
  - Capability inventory: The agent possesses the capability to execute shell commands and network requests via the `membrane` CLI tool.
  - Sanitization: There are no explicit sanitization or validation steps described for the data retrieved from external endpoints before it is processed by the agent.
Audit Metadata