jiminny
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the npm registry. This is the official command-line interface provided by the vendor (Membrane) for managing integrations. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI tool to execute various operations such as authentication, searching for actions, and running API requests. These commands are executed locally in the agent's environment to facilitate communication with the Jiminny platform. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes data from external sales calls and user records via the Jiminny API.
- Ingestion points: Data is ingested via
membrane action runandmembrane requestcalls to the Jiminny API (SKILL.md). - Boundary markers: None explicitly defined in the provided instructions.
- Capability inventory: The agent can execute shell commands via the
membraneCLI (SKILL.md). - Sanitization: No specific sanitization or escaping of external content is mentioned in the setup guide.
Audit Metadata