criteo
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill uses official tools and services provided by the author 'membranedev', including the @membranehq/cli package and the Membrane platform.
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @membranehq/cli package and uses npx to run commands, which are standard operations for this vendor's ecosystem.
- [COMMAND_EXECUTION]: The skill directs the agent to use the membrane CLI for tasks like logging in, connecting to Criteo, and running API actions. This is the intended functional behavior of the skill.
- [PROMPT_INJECTION]: The skill processes data from the Criteo API, which represents an indirect prompt injection surface.
- Ingestion points: Data enters the context via membrane action run and membrane request commands in SKILL.md.
- Boundary markers: No specific delimiters are used for the external data.
- Capability inventory: The skill has the ability to execute shell commands through the CLI.
- Sanitization: There is no explicit sanitization of the retrieved API data, though the use of structured JSON output from the CLI mitigates typical injection risks.
Audit Metadata