cursor
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage from the official NPM registry. This is a legitimate utility provided by the vendor to facilitate API integrations. - [COMMAND_EXECUTION]: The instructions involve executing
membraneCLI commands to manage connections and run actions. These commands are the primary intended interface for the integration and operate within the scope of the user's Membrane account. - [PROMPT_INJECTION]: The skill processes data from the Cursor API, which presents a surface for potential indirect prompt injection from external code or records.
- Ingestion points: Output from
membrane action runandmembrane requestcommands documented in SKILL.md. - Boundary markers: None explicitly mentioned in the skill instructions.
- Capability inventory: Execution of CLI commands and network proxy requests via the
membraneutility. - Sanitization: No specific sanitization or validation logic is provided within the instructions, relying on platform-level or agent-level defaults.
Audit Metadata