mason
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Uses the membrane CLI to manage connections and execute actions within the Mason ecosystem.
- [EXTERNAL_DOWNLOADS]: Downloads and installs the @membranehq/cli package, which is the official tool provided by the vendor for this integration.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it retrieves and processes data from external Mason API endpoints.
- Ingestion points: Data enters the agent context through membrane action run and membrane request commands described in SKILL.md.
- Boundary markers: The instructions do not specify the use of delimiters or warnings to ignore potentially malicious instructions within the retrieved data.
- Capability inventory: The skill allows for command execution and network operations through the membrane CLI as defined in SKILL.md.
- Sanitization: There is no evidence of sanitization or filtering of the content received from the external API in the provided documentation.
Audit Metadata