planetscale
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The instructions direct the user to install the '@membranehq/cli' package from the npm registry. This is an official vendor package required for the skill to function.
- [COMMAND_EXECUTION]: The skill utilizes the 'membrane' command-line utility to perform database operations, manage sessions, and run pre-defined actions. All commands are limited to the scope of interacting with the Membrane platform and PlanetScale.
- [DATA_EXFILTRATION]: The skill demonstrates safe credential handling by using 'membrane connect' to manage authentication server-side, preventing sensitive API keys from being exposed in the agent's environment or stored locally.
- [PROMPT_INJECTION]: As the skill reads data from external database branches and action outputs, it possesses a surface for indirect prompt injection (Ingestion points: membrane action run, membrane request). Boundary markers and sanitization steps are not explicitly defined in the skill instructions (Sanitization: absent; Boundary markers: absent), however, the operations are performed via a structured CLI (Capability inventory: membrane CLI).
Audit Metadata