namely
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage, which is a verified vendor resource for the Membrane platform. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to search for connectors and execute actions against the Namely API. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. Ingestion points: Namely API data retrieved via
membrane action runandmembrane request(SKILL.md). Boundary markers: None identified. Capability inventory: CLI execution via themembranetool (SKILL.md). Sanitization: No explicit sanitization or escaping of external content is mentioned.
Audit Metadata