fidel-api
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the npm registry. This is an official vendor resource required to use the skill and does not represent an unverified dependency.
- [COMMAND_EXECUTION]: The skill uses the membrane CLI tool to manage API connections and execute actions. These operations are standard for the platform and are limited to the vendor's documented ecosystem.
- [PROMPT_INJECTION]: The skill processes external data from the Fidel API, which introduces a surface for indirect prompt injection.
- Ingestion points: Untrusted data enters the agent context through API responses from endpoints like list-transactions, get-card, and list-programs.
- Boundary markers: The skill does not implement specific delimiters or 'ignore' instructions to encapsulate data from the API.
- Capability inventory: The skill can execute shell commands via the membrane CLI and perform authenticated network requests via the membrane request command.
- Sanitization: There is no evidence of data validation or sanitization being applied to the API responses before they are processed by the agent.
Audit Metadata