fidel
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's primary functionality is delivered through the execution of the
membraneCLI tool. It provides commands for logging in, searching for connectors, and executing actions against the Fidel API. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests and processes data from the external Fidel API which could potentially contain adversarial instructions.
- Ingestion points: Data is received through CLI commands such as
membrane action run,membrane action list, andmembrane requestas described in SKILL.md. - Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard content within the API responses that might resemble commands.
- Capability inventory: The agent is equipped to execute shell commands (specifically the
membraneCLI) and perform file operations. - Sanitization: The instructions do not specify any sanitization, filtering, or validation of the data retrieved from the Fidel service before the agent acts upon it.
Audit Metadata