kintone
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks due to processing data from Kintone. * Ingestion points: Untrusted data enters the agent context through the
get-recordsandget-record-commentsactions defined in SKILL.md. * Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat retrieved Kintone content as untrusted. * Capability inventory: The skill allows the agent to create, update, or delete data via themembrane action runandmembrane requestcommands as specified in SKILL.md. * Sanitization: No validation or sanitization mechanisms for the retrieved Kintone data are mentioned. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/cliNPM package. As this is an official tool from the skill's author, it is a standard dependency for this integration.
Audit Metadata