paubox
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI from the official registry.
- Evidence:
npm install -g @membranehq/cliandnpx @membranehq/cli@latest. - [COMMAND_EXECUTION]: Shell commands are used to interact with the Membrane platform for connection management and API execution.
- Evidence: Commands such as
membrane action run,membrane request, andmembrane connectare executed via the CLI. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data from Paubox which may contain untrusted content.
- Ingestion points: Reads email content, organization data, and user records from the Paubox API (SKILL.md).
- Boundary markers: Absent. No specific delimiters or instructions to ignore embedded commands are provided.
- Capability inventory: Can execute API actions and send arbitrary HTTP requests via the Membrane proxy (SKILL.md).
- Sanitization: Absent. The skill does not describe any validation or sanitization of data retrieved from Paubox.
Audit Metadata