imperva
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official
@membranehq/clipackage from the npm registry to facilitate platform operations. - [COMMAND_EXECUTION]: The skill uses shell commands through the
membraneCLI to manage connections, search for actions, and execute API requests. These commands are part of the standard operating procedure for the vendor's integration framework. - [PROMPT_INJECTION]: The skill processes external data from Imperva security events and analytics. This data ingestion surface is handled through structured actions within the Membrane platform.
- Ingestion points: Data enters the context through
membrane action runandmembrane requestcommands in SKILL.md. - Boundary markers: None explicitly defined in the instructions for isolating external data.
- Capability inventory: The skill has the capability to execute CLI commands and make network requests via
membranetools. - Sanitization: Relies on the underlying platform's handling of API responses.
Audit Metadata