make
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the `membrane` CLI to perform administrative and operational tasks, such as authenticating users, searching for connector IDs, and executing specific automation actions on the Make platform.
- [EXTERNAL_DOWNLOADS]: The instructions direct the installation of the `@membranehq/cli` global package from the npm registry. This package is the official tool provided by the author (membranedev) to facilitate communication with the Membrane platform.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection because it processes data retrieved from external Make scenarios and data stores.
  1. Ingestion points: Data enters the agent's context through the output of the `membrane action run` and `membrane request` commands as described in SKILL.md.
  2. Boundary markers: The skill does not implement specific delimiters or instructions to ignore potentially malicious embedded commands in the data retrieved from Make.
  3. Capability inventory: The skill has the ability to execute shell commands and perform network operations via the Membrane proxy.
  4. Sanitization: There is no documented validation or sanitization of the content fetched from the Make API before it is processed by the agent.
Audit Metadata