openai
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to install the '@membranehq/cli' package globally via npm. This package is the official CLI tool provided by the vendor 'membranedev' for interacting with their services.
- [COMMAND_EXECUTION]: The skill uses the 'membrane' CLI to perform various tasks including user authentication, creating service connections, and executing OpenAI actions.
- [PROMPT_INJECTION]: The skill handles data from external AI models, creating a surface for indirect prompt injection.
- Ingestion points: Data enters the context through outputs from 'membrane action run' and 'membrane request' as noted in SKILL.md.
- Boundary markers: There are no explicit markers or instructions provided to separate or ignore instructions embedded in model outputs.
- Capability inventory: The skill employs CLI-based network operations and action execution.
- Sanitization: No specific sanitization or filtering logic is mentioned for data retrieved from external OpenAI endpoints.
Audit Metadata