firstup
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official `@membranehq/cli` package from the npm registry to interact with the platform.
- [COMMAND_EXECUTION]: Uses local CLI commands to manage Firstup data and automate workflows, including `membrane action run` and `membrane request`.
- [PROMPT_INJECTION]: The skill interacts with external data from the Firstup API, which presents an attack surface for indirect prompt injection.
  - Ingestion points: Output from `membrane action run` and `membrane request` (SKILL.md).
  - Boundary markers: None identified in the skill instructions.
  - Capability inventory: Subprocess execution via the `membrane` CLI (SKILL.md).
  - Sanitization: No specific sanitization of external API data is performed.
- [SAFE]: Authentication is managed server-side by the Membrane platform, eliminating the need for the agent to handle or store sensitive credentials locally.
Audit Metadata