forescout
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the NPM registry, which is the official command-line tool for the Membrane platform. - [COMMAND_EXECUTION]: It utilizes various
membraneCLI commands to manage connections and execute actions against the Forescout API. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes data from external Forescout API responses.
- Ingestion points: Data retrieved through
membrane action runandmembrane requestcommands. - Boundary markers: None explicitly defined in the skill instructions to delimit external data from agent instructions.
- Capability inventory: The skill can execute shell commands through the
membraneCLI and make network requests via themembrane requestproxy. - Sanitization: There are no explicit instructions for validating or sanitizing the content returned by the Forescout API.
Audit Metadata