okta
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires installing the @membranehq/cli package from npm, which is the official tool for the vendor's ecosystem.
- [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform Okta management tasks such as user creation, group listing, and direct API requests.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by processing external Okta data and offering administrative capabilities like user deletion.
- [PROMPT_INJECTION]: Ingestion points: Okta user, group, and application data retrieved via membrane actions as defined in SKILL.md.
- [PROMPT_INJECTION]: Boundary markers: No explicit delimiters or ignore-instructions markers are present in the skill definition.
- [PROMPT_INJECTION]: Capability inventory: High-privilege operations including user/group deletion and custom API requests via membrane request.
- [PROMPT_INJECTION]: Sanitization: No data sanitization or validation steps are defined for the incoming Okta records.
Audit Metadata