magnetic
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
@membranehq/clipackage from the NPM registry, which is the official tool for interacting with the author's platform. - [COMMAND_EXECUTION]: The agent uses the
membraneCLI to perform operations such as authentication, action discovery, and API request proxying. These commands are local to the execution environment and required for functionality. - [PROMPT_INJECTION]: The skill processes data from Magnetic CRM, creating a surface for indirect prompt injection. * Ingestion points: Data enters the agent's context through CLI commands like
membrane action runandmembrane requestas described inSKILL.md. * Boundary markers: The instructions do not define delimiters or specific safety instructions to isolate external data from the system prompt. * Capability inventory: The agent can execute shell commands via themembraneCLI and make network requests through the platform proxy. * Sanitization: There is no specified logic for sanitizing or validating retrieved data, such as lead details or campaign content, before it is processed by the agent.
Audit Metadata