creatio

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli Node package globally. This is an official vendor-provided tool from Membrane used to manage connections and execute actions securely.
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform CRM operations. These commands are restricted to the intended functionality of the skill, such as searching, connecting, and running actions within the Creatio environment.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its primary function of processing data from the external Creatio CRM service.
      • Ingestion points: Untrusted data is ingested when the agent retrieves records (e.g., Leads, Contacts, Accounts) from Creatio using the membrane action run or membrane request commands.
      • Boundary markers: No specific delimiters or "ignore instructions" markers are provided in the skill documentation to wrap the retrieved CRM data.
      • Capability inventory: The skill possesses the capability to create, update, and delete CRM records, as well as execute business processes and send API requests via the Membrane proxy.
      • Sanitization: No specific sanitization or validation logic for the external CRM content is described in the documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 12:48 PM