kontentai
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage globally via npm. This package is the official command-line interface provided by the vendor and is required to execute the documented tasks. - [COMMAND_EXECUTION]: The skill relies on shell command execution via the
membraneCLI to perform operations such as authentication, searching for connectors, and running actions against the Kontent.ai API. These commands are integral to the skill's primary function of CMS management. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it retrieves content from an external CMS (Kontent.ai). If an attacker can control the content within the CMS, they could attempt to influence the agent's behavior. The skill mitigates this by encouraging the use of structured pre-built actions rather than raw API interactions.
Audit Metadata