even-financial
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the @membranehq/cli package from the npm registry to enable interaction with the Membrane platform.
- [COMMAND_EXECUTION]: Uses the membrane command-line tool to perform login, connection management, and action execution tasks.
- [PROMPT_INJECTION]: Potential for Indirect Prompt Injection as the skill processes external data from Even Financial. * Ingestion points: Data is received through membrane action run and membrane request commands. * Boundary markers: No specific delimiters are defined in the instructions for isolating external data. * Capability inventory: Includes the ability to execute predefined actions and custom API requests via the Membrane CLI. * Sanitization: No explicit data sanitization or validation routines are specified within the skill documentation.
Audit Metadata