document360
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the @membranehq/cli package globally via npm. This is a vendor-owned resource for the Membrane platform.
- [COMMAND_EXECUTION]: The skill relies on executing membrane CLI commands to perform operations like searching for connectors, connecting to Document360, and running specific actions.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. Ingestion points: Data is ingested via actions like list-articles, get-article-by-url, and list-categories in SKILL.md. Boundary markers: No specific delimiters or "ignore" instructions are provided to separate user data from system commands. Capability inventory: The skill can execute various actions (membrane action run) and send raw API requests (membrane request), including state-changing operations like delete-article or update-category as described in SKILL.md. Sanitization: No sanitization or validation of the ingested external content is mentioned.
Audit Metadata