pdffiller
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This package is an official tool from the vendor used to manage integrations and authentication. - [COMMAND_EXECUTION]: Several CLI commands (
membrane login,membrane connect,membrane action run,membrane request) are used to interact with the PdfFiller API. These commands facilitate authentication and data management via Membrane's proxy service, which minimizes the exposure of raw credentials. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes data retrieved from the PdfFiller API.
- Ingestion points: API response data from actions and proxy requests (e.g., PDF content, field values, folder lists).
- Boundary markers: Not explicitly present in the instructional text.
- Capability inventory: Execution of CLI commands via the
membranetool and network operations via themembrane requestproxy. - Sanitization: No specific sanitization or validation of external API content is documented within the skill's instructions.
Audit Metadata