ontraport
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill specifies the installation of the
@membranehq/clipackage from the official NPM registry. This is a trusted vendor resource provided by Membrane for managing integrations. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line tool to manage service connections and execute API actions. These operations are restricted to the functionality provided by the Membrane platform and do not involve arbitrary system commands. - [PROMPT_INJECTION]: The skill interacts with external CRM data which presents a standard surface for indirect prompt injection. This is a common characteristic of integration skills and is handled here through structured actions rather than raw data execution.
- Ingestion points: CRM data (contacts, notes, etc.) retrieved from Ontraport via the
membraneCLI. - Boundary markers: None explicitly defined in the provided documentation.
- Capability inventory: Creating, reading, updating, and deleting records in Ontraport, and making proxy requests to the Ontraport API.
- Sanitization: Relies on the AI agent's internal safety guardrails and the proxy layer provided by the Membrane platform.
Audit Metadata