enfuce
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI via `npm install -g @membranehq/cli`. This is the official command-line interface for the platform described in the skill metadata.
- [COMMAND_EXECUTION]: The skill uses various shell commands (`membrane login`, `membrane search`, `membrane connect`, `membrane action run`, `membrane request`) to interact with the Enfuce API. These commands are necessary for the skill's primary purpose of managing payment and card data.
- [PROMPT_INJECTION]: As the skill processes data retrieved from the Enfuce API, it is subject to the following indirect prompt injection risks:
  - Ingestion points: Data enters the agent context through the output of `membrane action run` and `membrane request` (SKILL.md).
  - Boundary markers: The skill does not explicitly define delimiters for API output, but it provides instructions to the agent on how to handle the data.
  - Capability inventory: The skill has the capability to execute shell commands using the `membrane` CLI and perform network operations through the proxy (SKILL.md).
  - Sanitization: There is no explicit sanitization step for the API data, though the use of structured output (`--json`) facilitates safer parsing.
Audit Metadata