pennylane
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions include the installation of the
@membranehq/clipackage via npm. This is a legitimate tool provided by the skill's author to manage platform integrations. - [COMMAND_EXECUTION]: The skill documentation relies on the
membraneCLI to perform actions such as logging in, searching for connectors, and executing API requests. These commands are intended for the skill's functionality and do not involve unauthorized privilege escalation or persistence. - [PROMPT_INJECTION]: The skill defines a surface where user-supplied JSON data is passed to the
--inputflag of a CLI command. This is documented as a standard ingestion point for tool interaction. * Ingestion points: The--inputparameter used in themembrane action runcommand within SKILL.md. * Boundary markers: None present in the command examples. * Capability inventory: Includes the ability to execute CLI commands that perform network requests and manage remote connections. * Sanitization: Not explicitly specified in the instructional text.
Audit Metadata