insightly
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform operations such as searching for connectors, managing connections, and executing CRM actions. These commands are used to facilitate integration between the agent and the Insightly platform. - [EXTERNAL_DOWNLOADS]: The skill references the
@membranehq/clipackage, which is the official tool provided by the vendor for this integration. The installation via NPM is a standard setup step. - [PROMPT_INJECTION]: The skill interacts with external data from Insightly, which constitutes a surface for indirect prompt injection.
- Ingestion points: Data returned from action execution and proxy requests (
membrane action run,membrane request). - Boundary markers: None explicitly defined in the skill instructions.
- Capability inventory: The skill can execute commands to create, update, or delete records in the CRM through the CLI.
- Sanitization: No explicit sanitization or validation of the retrieved CRM data is mentioned in the skill text.
Audit Metadata