foxy
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the @membranehq/cli Node.js package. This is the official command-line tool for the Membrane platform and is necessary for executing the skill instructions.
- [COMMAND_EXECUTION]: The instructions involve running various shell commands via the membrane CLI to authenticate (membrane login), search for actions (membrane search), and interact with the Foxy API (membrane action run/request).
- [PROMPT_INJECTION]: The skill processes external data from the Foxy API, which constitutes an attack surface for indirect prompt injection if an attacker controls data within the Foxy account.
- Ingestion points: Data returned from the Foxy API via the membrane action run and membrane request commands.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to distinguish between platform instructions and external data.
- Capability inventory: The agent can execute CLI commands and make network requests through the Membrane platform.
- Sanitization: No explicit sanitization or validation of the retrieved API data is described in the prompt instructions.
Audit Metadata