hotspotsystem
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @membranehq/cli package from NPM, which is a standard procedure for using the vendor's platform.
- [COMMAND_EXECUTION]: The skill uses the membrane command-line interface to search for connectors, manage connections, and execute API actions.
- [PROMPT_INJECTION]: The skill possesses an ingestion surface for potential indirect prompt injection.
- Ingestion points: Data enters the agent's context through the outputs of membrane action run and membrane request commands.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded instructions in the retrieved data.
- Capability inventory: The skill utilizes subprocess execution via the membrane CLI to interact with external APIs and HotspotSystem resources.
- Sanitization: There is no evidence of data sanitization or validation of the content received from the HotspotSystem API before it is processed by the agent.
Audit Metadata