navigatr
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the
@membranehq/cliglobal package, which is an official tool provided by the vendor for platform interaction. - [COMMAND_EXECUTION]: Utilizes the
membraneCLI to execute operations such as searching for connectors, running actions, and making proxied API requests to Navigatr. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface: * Ingestion points: External data enters the agent context via outputs from
membrane action runandmembrane request. * Boundary markers: No specific delimiters or instructions are provided to the agent to ignore embedded instructions in the retrieved data. * Capability inventory: The skill can execute various shell commands via themembraneCLI (subprocess calls). * Sanitization: No sanitization or validation of the API response content is performed before processing.
Audit Metadata