recruitee

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation instructs users to install the '@membranehq/cli' package from the npm registry, which is a tool provided by the skill's authoring organization.
  • [COMMAND_EXECUTION]: The skill relies on the 'membrane' CLI to perform operations such as authentication, connection management, and executing specific Recruitee API actions.
  • [PROMPT_INJECTION]: The skill processes untrusted external data from Recruitee, such as candidate notes and profile information, creating an indirect prompt injection surface.
    • Ingestion points: Data is ingested via actions like 'list-candidates' and 'list-candidate-notes' described in SKILL.md.
    • Boundary markers: No specific delimiters or safety instructions are defined to separate ingested data from agent instructions.
    • Capability inventory: The skill can perform write operations including 'create-candidate', 'update-candidate', and arbitrary API calls via 'membrane request' as documented in SKILL.md.
    • Sanitization: There is no evidence of sanitization or filtering applied to the external data before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 11:27 AM