netsuite
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Instructs the installation of the @membranehq/cli Node.js package, which is the official tool provided by the vendor to facilitate secure communication with the Membrane platform.
- [COMMAND_EXECUTION]: Executes shell commands via the membrane CLI to perform operations like connection management, action execution, and direct API proxying.
- [PROMPT_INJECTION]: Identifies a standard vulnerability surface for indirect prompt injection.
  - Ingestion points: Untrusted data is ingested from external NetSuite records (e.g., customers, vendors, invoices, and journal entries) through membrane action run or membrane request.
  - Boundary markers: Absent; the documentation does not specify delimiters to separate retrieved record content from agent instructions.
  - Capability inventory: The skill possesses the capability to execute system commands and network requests via the membrane tool.
  - Sanitization: Absent; no specific sanitization, filtering, or validation logic is mentioned for the data fetched from the ERP system before it enters the agent context.
Audit Metadata