infinity-1
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official Membrane CLI (
@membranehq/cli) globally via npm. This is a standard requirement for the skill to interact with the vendor's platform. - [COMMAND_EXECUTION]: Uses the
membranecommand-line tool to perform actions such as searching for connectors, connecting to accounts, and executing API actions. These operations are within the scope of the skill's intended functionality. - [PROMPT_INJECTION]: The skill processes external data retrieved from Infinity boards and items, which introduces a surface for indirect prompt injection. 1. Ingestion points: API responses from
membrane action runandmembrane requestcontaining data from the Infinity workspace. 2. Boundary markers: No explicit delimiters or instructions are provided to the agent to treat external content as untrusted. 3. Capability inventory: The skill allows for executing actions and making network requests using the CLI. 4. Sanitization: No sanitization or validation of the retrieved content is specified before it is processed by the agent.
Audit Metadata