fastfield-mobile-forms
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the NPM registry, which is the official command-line tool for the Membrane platform.- [COMMAND_EXECUTION]: Utilizes themembraneCLI to manage account connections and execute API actions, includingmembrane login,membrane search, andmembrane action run.- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes data from the FastField API. • Ingestion points: Data returned bymembrane action runandmembrane request(SKILL.md). • Boundary markers: None present. • Capability inventory: Command execution viamembraneand package installation vianpm. • Sanitization: No explicit sanitization of external data is documented.
Audit Metadata