placekey
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the NPM registry to facilitate platform interactions. This is a recognized vendor resource for the Membrane ecosystem. - [COMMAND_EXECUTION]: Shell commands are used via the
membraneCLI to perform administrative tasks such as logging in, searching for connectors, and executing API actions. These operations are within the expected scope of a CLI-based integration. - [PROMPT_INJECTION]: The skill processes external data from the Placekey API, which presents a surface for indirect prompt injection.
- Ingestion points: Data is ingested through the output of
membrane action runandmembrane requestcommands described in SKILL.md. - Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard instructions potentially embedded in the retrieved data.
- Capability inventory: The skill possesses the capability to execute shell commands via the
membraneCLI as documented in SKILL.md. - Sanitization: No specific sanitization or filtering logic for the API responses is mentioned in the instructions.
- [SAFE]: Sensitive authentication tokens and API keys are managed server-side by the Membrane platform. The skill correctly instructs users to use connections rather than asking for or storing local secrets, minimizing the risk of credential exposure.
Audit Metadata