labs64-netlicensing
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill involves installing the
@membranehq/clipackage, which is an official tool provided by the vendor (membranedev) for interacting with their service. - [COMMAND_EXECUTION]: The skill uses standard CLI commands (
membrane login,membrane connect, etc.) to facilitate interaction with the Labs64 NetLicensing API through a secure proxy. - [PROMPT_INJECTION]: The skill exposes an interface for processing user-supplied data via API actions, representing a surface for indirect injection.
- Ingestion points: Untrusted data enters the agent context through the
--inputflag inmembrane action run. - Boundary markers: None present in the instructions.
- Capability inventory: Subprocess execution of the
membraneCLI and network operations through the vendor's proxy. - Sanitization: Validation is performed by the external CLI tool and the destination API.
Audit Metadata