knock
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the global installation of the '@membranehq/cli' package from npm. This is a vendor-owned resource provided by membrane to facilitate secure communication with the integration platform.
- [COMMAND_EXECUTION]: The skill utilizes the 'membrane' CLI for various operations including authentication ('membrane login'), connector discovery, and running actions. These operations are restricted to the functionality of the Membrane platform.
- [PROMPT_INJECTION]: The skill processes structured data from the Knock API, creating a surface for indirect prompt injection.
- Ingestion points: API responses from 'membrane action run' and 'membrane request'.
- Boundary markers: Not explicitly defined in the provided instructions.
- Capability inventory: Includes local shell command execution via the 'membrane' CLI.
- Sanitization: No specific filtering or sanitization of API data is mentioned before processing.
Audit Metadata