nifty
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute various shell commands using the `membrane` CLI to manage project data, perform searches, and run actions.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the `@membranehq/cli` package from the official NPM registry to facilitate the integration.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). Maliciously crafted content within Nifty (such as task descriptions or project titles) could attempt to influence the agent when it retrieves and processes this data.
  - Ingestion points: Data enters the agent context through `membrane action run` and `membrane request` commands that fetch Nifty tasks, projects, and other workspace items.
  - Boundary markers: The instructions do not define explicit delimiters or warnings to ignore instructions embedded within the retrieved Nifty data.
  - Capability inventory: The skill can perform network operations via `membrane request` and modify workspace data through `membrane action run`.
  - Sanitization: There is no mention of sanitization or validation of the content retrieved from the Nifty API before it is processed by the agent.
Audit Metadata