plance
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use the
membraneCLI to perform operations such as user authentication, service connection, and executing specific actions within the Plance ecosystem. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the npm registry to provide the command-line interface necessary for the integration. - [PROMPT_INJECTION]: The skill processes data retrieved from the Plance API, such as task descriptions and project names. While this presents a surface for indirect prompt injection if external users provide malicious content in those fields, the risk is inherent to data-processing skills and is mitigated by the standard operational scope of the CLI tools used.
Audit Metadata