craftboxx
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run membrane CLI commands to manage records and execute tasks.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection due to data ingestion from external sources.
  - Ingestion points: Data entering the context via membrane action run and membrane request commands.
  - Boundary markers: No delimiters are used to separate external data from instructions.
  - Capability inventory: Execution of CLI commands.
  - Sanitization: No explicit validation or sanitization of external data is mentioned.
- [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package, which is a verified vendor dependency.
- [SAFE]: Authentication is handled securely via the vendor's platform flow, ensuring no credentials or API keys are stored locally.
Audit Metadata