Skills
skills/membranedev/application-skills/kibana/Gen Agent Trust Hub

kibana

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Utilizes the membrane CLI to execute various shell commands for managing connections, searching for actions, and performing API requests.
  • [EXTERNAL_DOWNLOADS]: Instructs users to install the @membranehq/cli package globally from the NPM registry, which is the official tool provided by the vendor for this integration.
  • [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection through the processing of data retrieved from Kibana endpoints.
  • Ingestion points: External data is brought into the agent context via the output of membrane action run and membrane request commands.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the retrieved Kibana data as untrusted or to ignore embedded instructions.
  • Capability inventory: The skill maintains the ability to execute shell commands and perform network operations through the Membrane proxy.
  • Sanitization: No evidence of validation or sanitization of the external data is present in the provided instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 11:19 PM