harvest
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The instructions guide the user to install the @membranehq/cli package globally via npm. This is the official command-line utility for the Membrane platform, which is the vendor for this skill.
- [COMMAND_EXECUTION]: The skill utilizes the membrane CLI for various operations, including account authentication (membrane login), service discovery (membrane search), and executing integration actions (membrane action run). These commands allow the agent to interact with the system and external APIs.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from the external Harvest API, which could contain instructions intended to influence the agent's behavior.
  - Ingestion points: Data fetched from Harvest via membrane action run and membrane request (e.g., project names, task descriptions, user details).
  - Boundary markers: No specific delimiters or instructions are provided to the agent to treat API data as untrusted content.
  - Capability inventory: The agent has the ability to execute shell commands using the membrane CLI, which can perform further API requests or data modifications.
  - Sanitization: The instructions do not specify any validation or sanitization of the data retrieved from the API before it is processed by the agent.
Audit Metadata