heartbeat
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Uses the
membraneCLI to manage connections and execute API-driven actions such as listing users, groups, and events. - [EXTERNAL_DOWNLOADS]: Recommends the installation of the
@membranehq/clipackage from the npm registry, which is the official tool provided by the vendor for this integration. - [PROMPT_INJECTION]: The skill processes data from the Heartbeat API, creating a surface for potential indirect prompt injection if the ingested data contains malicious instructions.
- Ingestion points: Data retrieved through
membrane action runandmembrane requestcommands (e.g., user profiles, document contents). - Boundary markers: No specific markers or delimiters are defined to isolate API data from the agent's instructions.
- Capability inventory: Full access to the
membraneCLI tools and the ability to perform further network requests via the proxy. - Sanitization: The skill relies on standard platform behavior and does not implement explicit validation or sanitization for the retrieved API content.
Audit Metadata