Skills
skills/membranedev/application-skills/datarobot/Gen Agent Trust Hub

datarobot

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli Node.js package. This is a vendor-provided tool used to facilitate communication between the agent and the DataRobot API via the Membrane platform.
  • [COMMAND_EXECUTION]: The skill instructions involve executing shell commands using the membrane CLI to manage authentication, discover actions, and interact with DataRobot resources.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from an external source (DataRobot).
  • Ingestion points: Data is brought into the agent context through the output of membrane action run and membrane request commands.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat data from these commands as untrusted.
  • Capability inventory: The agent can execute arbitrary shell commands and network requests via the membrane CLI as described in SKILL.md.
  • Sanitization: No sanitization or validation of the data returned by the DataRobot API is performed before it is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 03:02 AM