phaxio
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to install and use the @membranehq/cli command-line tool to facilitate interactions with the Phaxio API.
- [EXTERNAL_DOWNLOADS]: The skill downloads the @membranehq/cli package from the npm registry, which is a recognized vendor resource for the author membranedev.
- [PROMPT_INJECTION]: The skill processes external data from Phaxio faxes and media, representing a potential surface for indirect prompt injection where malicious instructions could be embedded in fax content.
Audit Metadata