filestack
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the Membrane CLI tool (`@membranehq/cli`) from the official npm registry. This is a standard utility provided by the vendor for interacting with their platform.
- [COMMAND_EXECUTION]: Uses the `membrane` command-line utility to perform operations such as searching for connectors, managing connections, and executing FileStack actions. All commands are scoped to the user's Membrane tenant.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection because it processes data (content, metadata) from an external source (FileStack).
  - Ingestion points: Untrusted data enters the context via `membrane action run` and `membrane request` outputs (SKILL.md).
  - Boundary markers: The skill does not define specific delimiters for separating FileStack data from agent instructions.
  - Capability inventory: The skill can execute CLI commands, run platform actions, and perform HTTP requests to the FileStack API.
  - Sanitization: No explicit sanitization or validation of the retrieved FileStack data is performed before it is presented to the agent.
Audit Metadata