redox
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the Membrane CLI via npm (
@membranehq/cli). This is a legitimate tool provided by the skill's author to manage the integration. - [COMMAND_EXECUTION]: The skill instructs the agent to execute various shell commands using the
membraneCLI. These commands are used to log in, search for API connectors, and run specific actions against the Redox API. All commands are limited to the scope of the intended Redox integration. - [DATA_EXFILTRATION]: The skill is designed to interact with healthcare data through the Redox platform. It correctly advises using a managed connection for authentication, which avoids the need for hardcoded API keys or sensitive credentials within the skill itself.
- [PROMPT_INJECTION]: As the skill retrieves records and notes from the Redox platform, there is a surface for indirect prompt injection if the external data contains instructions intended to influence the agent. The skill does not currently implement specific boundary markers for this data, but the capability is limited to the defined Redox actions.
Audit Metadata