quaderno
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage via npm. This is a vendor-provided tool required for the skill's functionality. - [COMMAND_EXECUTION]: The skill relies on executing shell commands through the
membraneCLI to perform API actions, manage connections, and handle authentication. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from the Quaderno API.
- Ingestion points: External data is ingested through
membrane action runandmembrane requestcommands inSKILL.md. - Boundary markers: No specific delimiters or instructions to ignore embedded commands in the data are provided.
- Capability inventory: The skill has the capability to execute shell commands via the
membraneCLI as documented inSKILL.md. - Sanitization: There is no evidence of explicit sanitization or filtering of the retrieved API data before it is processed by the agent.
Audit Metadata