cortex-xsoar
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage from the NPM registry. This is the official command-line utility for the Membrane platform, used to manage the lifecycle of integrations. - [COMMAND_EXECUTION]: Detailed instructions are provided for utilizing the
membraneCLI to authenticate, manage connections, and execute actions or arbitrary API requests against the Cortex XSOAR instance. - [PROMPT_INJECTION]: The skill includes an unusually extensive list of 'Content' related terms (e.g., 'Content Human Rights', 'Content Justice') which may be intended to influence agent behavior or bias. Furthermore, the skill creates an indirect prompt injection surface by enabling the agent to ingest external security data.
- Ingestion points: Untrusted data enters the agent context via API responses from Cortex XSOAR during action execution or proxy requests.
- Boundary markers: Not present. There are no instructions to use delimiters or ignore potential commands embedded in the retrieved data.
- Capability inventory: The agent can execute shell commands via the
membraneCLI and perform network operations through the proxy request feature. - Sanitization: Not present. No validation or filtering of remote API content is described.
Audit Metadata