marketo
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform operations such asmembrane action run,membrane login, andmembrane connect. These commands are standard for the integration and are used to manage Marketo data and authentication. - [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
@membranehq/clipackage from the NPM registry. This is an official utility provided by the vendor (membranedev) to facilitate communication with the Membrane platform. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection due to its integration with external API data. Ingestion points: Untrusted data enters the context from the Marketo API via actions and proxy requests (
membrane request). Boundary markers: No specific delimiters or instructions to ignore embedded commands within the retrieved data are defined in the skill. Capability inventory: The skill has the ability to execute CLI commands and perform network operations via a proxy. Sanitization: There is no mention of sanitization, validation, or filtering of the external API content before it is processed by the agent.
Audit Metadata