poool
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from the npm registry. This is the official command-line interface for the Membrane platform, provided by the vendor. - [COMMAND_EXECUTION]: The skill utilizes shell commands via the
membraneCLI to manage connections, discover actions, and perform API requests. These commands are restricted to the intended functionality of the integration. - [PROMPT_INJECTION]: The skill retrieves and processes external data from the Poool API (including user records, segments, and rules). This creates an ingestion point for untrusted data that could potentially contain instructions aimed at influencing the agent, though the skill lacks high-severity capabilities that would make this surface exploitable.
Audit Metadata