newslit
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI (
@membranehq/cli) from the NPM registry, which is a legitimate vendor tool. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to manage authentication (membrane login), discover functionality (membrane search,membrane action list), and perform API operations (membrane action run,membrane request). These commands are executed within the context of the vendor's platform. - [DATA_EXFILTRATION]: The skill retrieves article data, media mentions, and analytics from the Newslit API via a proxy connection; this behavior is consistent with the skill's documented purpose of managing Newslit data.
- [PROMPT_INJECTION]: The skill processes news articles and media metadata from the external Newslit API, representing an indirect prompt injection surface.
- Ingestion points: Data enters the context through
membrane action runandmembrane requestcommands (found in SKILL.md). - Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are present in the documentation for handling the retrieved content.
- Capability inventory: The skill can execute API actions and network requests via the
membraneCLI (documented in SKILL.md). - Sanitization: There is no evidence of explicit sanitization or filtering of the retrieved news content before it is processed by the agent.
Audit Metadata