oxylabs
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official
@membranehq/clipackage from the npm registry, which is the expected tool for interacting with the author's platform. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to log in, connect to Oxylabs, and execute scraping actions. These operations are within the stated scope of the skill. - [INDIRECT_PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by ingesting untrusted data scraped from external websites via Oxylabs actions.
- Ingestion points: Scraped website data returned by the
membrane action runcommand. - Boundary markers: The instructions do not specify any markers or delimiters for the ingested content.
- Capability inventory: The skill has the capability to create new actions, run existing actions, and access the network via the CLI.
- Sanitization: No explicit sanitization or filtering of the scraped content is provided within the skill instructions.
Audit Metadata