retently
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process feedback and survey data from Retently. 1. Ingestion points: Retently survey responses and contact data retrieved via the membrane CLI (SKILL.md). 2. Boundary markers (absent): No delimiters or instructions are provided to separate external data from agent instructions. 3. Capability inventory: The skill uses the membrane CLI to execute actions and make API requests (SKILL.md). 4. Sanitization (absent): No explicit data sanitization or validation is specified.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from npm. This package and the associated getmembrane.com domain are verified resources belonging to the skill author, membranedev, and are used for secure API interaction.
Audit Metadata