cyberark
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the vendor-provided `@membranehq/cli` package from the npm registry to interact with the Membrane platform.
- [COMMAND_EXECUTION]: Uses the `membrane` CLI to perform authentication, discover actions, and execute API requests against CyberArk.
- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection because it processes data fetched from external CyberArk API endpoints (such as activity records or group names) which could contain adversarial content.
  - Ingestion points: Data returned from `membrane action run` and `membrane request` commands (SKILL.md).
  - Boundary markers: No specific delimiters or "ignore instructions" warnings are defined for the data ingestion process.
  - Capability inventory: The skill allows the agent to execute write actions and proxy requests to the CyberArk API via the CLI.
  - Sanitization: Relies on the structured nature of the JSON responses without additional validation or sanitization layers described.
Audit Metadata