jitsu
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform operations such as managing connections, searching for actions, and executing API calls against the Jitsu platform. - [EXTERNAL_DOWNLOADS]: The instructions require the installation of the
@membranehq/clipackage via npm and the use ofnpxfor action discovery. These are official tools provided by the skill's authoring vendor (membranedev). - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it ingests untrusted data from external sources.
- Ingestion points: CLI outputs from
membrane action list,membrane connection list, andmembrane action runin SKILL.md. - Boundary markers: The skill does not provide explicit delimiters or instructions for the agent to ignore potentially malicious instructions embedded in the retrieved data.
- Capability inventory: The agent can execute CLI commands (
membrane action run) and perform arbitrary network requests via themembrane requestproxy. - Sanitization: No explicit sanitization or validation of the data retrieved from Jitsu is described in the skill instructions.
Audit Metadata