red-sift
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This is a trusted vendor dependency used for interacting with the Membrane platform.\n- [COMMAND_EXECUTION]: The skill utilizes terminal commands via themembraneCLI to manage connections, discover actions, and execute requests. This is the intended operational model for this integration.\n- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) because it processes data retrieved from the external Red Sift API.\n - Ingestion points: Data returned from
membrane action runandmembrane requestcommands (SKILL.md).\n - Boundary markers: Absent; there are no explicit delimiters or instructions to the agent regarding the untrusted nature of the API data.\n
- Capability inventory: Shell execution via the
membraneCLI (SKILL.md).\n - Sanitization: Absent; the instructions do not include data validation or sanitization steps before processing API content.
Audit Metadata