google-drive
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally from the npm registry. This package is the official tool provided by the vendor for interacting with their platform. - [COMMAND_EXECUTION]: The skill relies on executing shell commands through the
membraneCLI to manage connections, search for actions, and execute tasks on Google Drive. This includes commands for authentication (membrane login) and resource management. - [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8).
- Ingestion points: Data enters the agent context via actions like
list-files,get-file, andlist-comments(defined in SKILL.md). - Boundary markers: The instructions do not specify the use of delimiters or warnings to ignore instructions found within retrieved file content or comments.
- Capability inventory: The agent has the ability to create, update, and delete files or permissions using the
membrane action runcommand. - Sanitization: No explicit sanitization or validation of the content retrieved from Google Drive is mentioned.
- [REMOTE_CODE_EXECUTION]: The skill features a dynamic tool generation capability via the
membrane action createcommand. This allows the platform to generate and deploy new integration logic based on natural language descriptions provided by the agent at runtime.
Audit Metadata