isn
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the NPM registry. This is an official command-line tool developed by the vendor for interacting with their platform.
- [COMMAND_EXECUTION]: It utilizes several shell commands via the membrane CLI to handle authentication (membrane login), connection management (membrane connect), and data operations (membrane action run). These commands are standard for the tool's operation.
- [DATA_EXFILTRATION]: The skill facilitates the retrieval of sensitive organizational data (such as user lists and project orders) from ISN and routes requests through the Membrane proxy service. This behavior is documented and essential for the skill's primary function of integrating with the ISN API.
- [PROMPT_INJECTION]: The skill processes external data from ISN (e.g., user records, contact details) through actions like list-users and get-order (defined in SKILL.md). While this creates a surface for indirect prompt injection, there are no specific instructions provided to the agent regarding sanitization or boundary markers for this untrusted data.
Audit Metadata