integry
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage globally via npm and utilizesnpxto execute the latest version of the tool. These resources are provided by the vendor to enable the skill's core functionality. - [COMMAND_EXECUTION]: The skill relies on shell commands using the
membraneCLI to perform various tasks, including user authentication (membrane login), connection management (membrane connect), and running integration actions (membrane action run). - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from external SaaS applications via the Integry platform.
- Ingestion points: External data enters the agent's context through the output of
membrane action runandmembrane requestcommands. - Boundary markers: The instructions do not define specific delimiters or include warnings to the agent to disregard instructions embedded within the external data.
- Capability inventory: The skill has the ability to execute actions in connected applications and perform arbitrary HTTP requests through the Membrane proxy, which could be exploited if malicious data influences the agent's behavior.
- Sanitization: There is no evidence of sanitization, filtering, or validation of the data retrieved from external sources before it is presented to the agent.
Audit Metadata