kizeo-forms
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official Membrane CLI package (
@membranehq/cli) from the public npm registry to facilitate API interactions. - [COMMAND_EXECUTION]: The instructions utilize the
membraneCLI tool to perform operations such as listing users, retrieving form data, and managing groups within the Kizeo Forms account. - [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it processes data retrieved from external form submissions and user profiles.
- Ingestion points: Untrusted data enters the agent context via Kizeo Forms API responses returned by the
membraneCLI (SKILL.md). - Boundary markers: The skill does not explicitly define delimiters or instructions to ignore embedded commands within the fetched data.
- Capability inventory: The agent has the capability to execute shell commands via the
membraneCLI across multiple actions (SKILL.md). - Sanitization: No explicit sanitization of the external data is performed before processing.
Audit Metadata