deel
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: Authentication is handled through the vendor's managed CLI tool (
membrane login), which prevents sensitive credentials like Deel API tokens from being exposed or hardcoded in the skill's instructions. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes external HRIS data from Deel.
- Ingestion points: Data is retrieved from the Deel API via the
membraneCLI in SKILL.md. - Boundary markers: No explicit delimiters or instructions to ignore instructions within the retrieved data are present.
- Capability inventory: The agent has the capability to execute shell commands using the
membraneCLI. - Sanitization: No explicit sanitization of the retrieved API data is documented in the instructions.
Audit Metadata