listclean
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install the
@membranehq/clipackage from npm, which is the official tool provided by the vendor for interacting with their platform. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes user input to populate parameters for Listclean API actions.
- Ingestion points: User input passed to the
--inputflag of themembrane action runcommand inSKILL.md. - Capability inventory: Network operations through
membrane requestand execution of SaaS actions via the CLI tool. - Boundary markers: No specific delimiters are used to wrap user-provided data.
- Sanitization: No explicit sanitization or validation of input data is defined in the instructions.
- Context: These risks are intrinsic to the skill's primary purpose of allowing an agent to dynamically interact with an external API and do not represent a malicious intent.
Audit Metadata