pipeline-crm
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package via npm. This is a vendor-official tool provided by the creators of the skill (Membrane) to handle authentication and communication with external services.
- [COMMAND_EXECUTION]: The skill instructs the agent to perform CRM operations using CLI commands such as
membrane action runandmembrane request. These commands facilitate data retrieval and updates through a managed proxy service. - [PROMPT_INJECTION]: The skill's workflow for processing CRM data creates an indirect prompt injection surface. Ingestion points: External data enters the agent context via PipelineCRM records retrieved through the CLI. Boundary markers: The instructions do not define delimiters or specific warnings to ignore instructions embedded in the CRM data. Capability inventory: The skill can execute actions and make network requests through the Membrane platform to read or modify CRM records. Sanitization: No data validation or sanitization process is specified for content retrieved from external sources before it is analyzed by the agent.
Audit Metadata