netsuite
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the
@membranehq/clipackage from the NPM registry to enable interaction with the Membrane platform.\n- [COMMAND_EXECUTION]: Utilizes themembranecommand-line utility for managing connections, querying action schemas, and executing requests against the NetSuite API.\n- [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection common to skills processing external business records.\n - Ingestion points: Data retrieved from NetSuite via list/get actions and proxy requests (SKILL.md).\n
- Boundary markers: Absent; the agent processes retrieved record content directly.\n
- Capability inventory: Shell execution via the
membraneCLI (SKILL.md).\n - Sanitization: Not present; the skill assumes the integrity of the data stored within the connected NetSuite account.
Audit Metadata