customgpt
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the Membrane CLI (
membrane) to perform all operations, including session management (membrane login), establishing connections (membrane connect), and executing API actions (membrane action run). These commands are standard for the tool's intended purpose. - [EXTERNAL_DOWNLOADS]: The documentation instructs users to install the
@membranehq/clipackage via npm. This package is the official command-line interface provided by the skill's author (membranedev) for interacting with their platform. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it retrieves data from CustomGPT sources, such as conversation messages and indexed page content. This data enters the agent's context and could contain instructions intended to influence its behavior, though no active exploitation is present in the static code.
Audit Metadata