gooddata
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from npm. This is a vendor-provided tool required for the skill's functionality. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform actions such as logging in, searching for connectors, and running API requests. These commands are scoped to the authenticated user's environment. - [PROMPT_INJECTION]: The skill processes data from external GoodData APIs, representing a potential surface for indirect prompt injection.
- Ingestion points: Output from
membrane action runandmembrane request(SKILL.md). - Boundary markers: Not present.
- Capability inventory: Shell command execution via the
membraneCLI. - Sanitization: Not explicitly implemented; the skill relies on the agent's internal safety filters for processing external data.
Audit Metadata