paperspace
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the `@membranehq/cli` package globally via npm. This is a vendor-provided tool from the author (membrane) used to manage connections and execute actions.
- [COMMAND_EXECUTION]: The skill uses the `membrane` CLI to interact with the system and remote services. It executes commands for authentication (`membrane login`), connection management (`membrane connect`), and API interaction (`membrane action run`, `membrane request`).
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from external Paperspace API endpoints.
  - Ingestion points: Data enters the agent context through the output of `membrane action run` and `membrane request` commands.
  - Boundary markers: There are no explicit instructions or delimiters defined to help the agent distinguish between data and potential instructions within the API responses.
  - Capability inventory: The agent can perform state-changing operations (creating, deleting, or modifying cloud resources) via the `membrane action run` command.
  - Sanitization: No validation or sanitization logic is provided to inspect the content of API responses before they are processed by the agent.
Audit Metadata