darwinbox
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
membranecommand-line interface to perform actions and queries against the Darwinbox API. This is the intended and documented method for using this integration. - [EXTERNAL_DOWNLOADS]: Instructions include the installation of the
@membranehq/clipackage from the npm registry. This tool is provided by the skill's author and is required for the integration to function. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted data from external Darwinbox API responses.
- Ingestion points: Data is ingested through
membrane action runandmembrane requestcommands in SKILL.md. - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the fetched HR data.
- Capability inventory: The agent can execute CLI commands and make network requests via the Membrane platform.
- Sanitization: No explicit sanitization or validation of external API responses is performed within the skill instructions.
Audit Metadata