pandle
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package via npm. This is a verified vendor resource used to facilitate communication with the Membrane platform.
- [COMMAND_EXECUTION]: The skill uses shell commands like 'membrane action run' and 'membrane login' to interact with the service. These commands are part of the intended workflow and are documented for user transparency.
- [PROMPT_INJECTION]: The skill processes data from the Pandle API, which represents a surface for indirect prompt injection. If an attacker controls data within a Pandle account, they could attempt to influence the agent's behavior through malicious record content.
  - Ingestion points: Output from 'membrane action list' and 'membrane action run' commands in SKILL.md.
  - Boundary markers: No specific delimiters are provided in the instructions to isolate Pandle data from the agent's instructions.
  - Capability inventory: The agent has the ability to execute shell commands via the 'membrane' CLI.
  - Sanitization: There is no evidence of sanitization for the retrieved API data before it is processed by the agent.
Audit Metadata