companyhub
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli package via npm. This is a vendor-provided tool required for the skill to communicate with the Membrane platform.
- [COMMAND_EXECUTION]: Uses the membrane CLI to perform tasks such as action discovery, record filtering, and direct API requests. These commands are necessary for the skill's primary function of managing CRM data.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it reads and processes data from an external CRM system.
- Ingestion points: Records retrieved from CompanyHub via list, search, and get actions in SKILL.md.
- Boundary markers: Not present in the skill instructions.
- Capability inventory: Command execution via the membrane CLI for data modification and API requests.
- Sanitization: No data validation or sanitization steps are defined for the processed records.
Audit Metadata