mail-blaze
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install
@membranehq/clivia npm. This is the official command-line tool for the platform provided by the vendor and is used for secure authentication and service interaction. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform actions like searching for connectors, connecting to accounts, and running API actions. These commands are localized to the platform's ecosystem and are the intended method for interacting with the service. - [PROMPT_INJECTION]: As the skill processes data from an external email marketing service (Mail Blaze) through actions and requests, there is a theoretical surface for indirect prompt injection if the ingested data contains malicious instructions. However, the skill primarily handles structured data through defined schemas, and there are no high-risk capabilities like arbitrary code execution triggered by this data.
Audit Metadata