okay

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the official @membranehq/cli package from the NPM registry. This is a vendor-provided tool used to manage the integration.
  • [COMMAND_EXECUTION]: Employs the membrane CLI to authenticate users, search for connectors, and execute actions within the Okay ecosystem.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of external data.
      • Ingestion points: Data is retrieved from the Okay API using membrane action run and membrane request commands.
      • Boundary markers: The instructions do not specify delimiters or warnings to prevent the agent from interpreting retrieved data as instructions.
      • Capability inventory: The skill can execute shell commands via the Membrane CLI and perform network operations through the Membrane proxy.
      • Sanitization: There is no evidence of sanitization or validation of the data retrieved from the external API before it is processed.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 04:11 PM