hasura
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides users to install the
@membranehq/clipackage globally via npm. This is the official command-line tool provided by the vendor for interacting with their platform. - [COMMAND_EXECUTION]: The skill utilizes several
membraneCLI commands (login, connect, action, request) to facilitate interaction with the Hasura GraphQL engine. These commands are part of the intended functionality and use the platform's secure proxy for API requests. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes data returned from Hasura GraphQL queries and mutations. If the database content includes instructions disguised as data, they could influence the agent's behavior.
- Ingestion points: Data retrieved via
execute-graphql-query,execute-graphql-mutation, andmembrane request(SKILL.md). - Boundary markers: None explicitly defined in the instructions for separating data from instructions.
- Capability inventory: The skill can execute shell commands via the CLI and perform network operations through the Membrane proxy (SKILL.md).
- Sanitization: No explicit sanitization or validation of data retrieved from Hasura is described.
Audit Metadata