maximizer
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the official @membranehq/cli package from the NPM registry to facilitate communication with the Membrane platform.
- [COMMAND_EXECUTION]: Relies on the membrane CLI tool to perform actions and queries against Maximizer CRM, which is the intended functionality for managing business data.
- [PROMPT_INJECTION]: As an integration tool, the skill ingests data from external CRM records (such as Leads and Cases) which represents a potential surface for indirect prompt injection.
- Ingestion points: Outputs from CLI commands including 'membrane action run' and 'membrane request' as described in SKILL.md.
- Boundary markers: None defined for the processed CRM data.
- Capability inventory: Shell execution of CLI commands for CRM data retrieval and modification.
- Sanitization: No explicit sanitization or filtering is described for the data retrieved from the CRM.
Audit Metadata