echtpost-postcards
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli package globally via npm to facilitate interaction with the Membrane platform. This is a legitimate vendor-owned resource.
- [COMMAND_EXECUTION]: Uses the membrane CLI to execute commands for logging in, managing connections, and performing API requests (SKILL.md).
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted data from the EchtPost API.
  - Ingestion points: Data returned from actions like listing contacts or postcards via membrane action run and membrane request (SKILL.md).
  - Boundary markers: The skill does not define specific markers to separate API-provided content from agent instructions.
  - Capability inventory: The agent can execute system commands via the membrane CLI.
  - Sanitization: There is no evidence of sanitization or filtering of the external API content before it is ingested into the prompt context.
Audit Metadata