revel-systems
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires installation of the
@membranehq/clipackage via npm. This is the official command-line interface from the vendor (Membrane) and is used for authentication and executing actions. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes untrusted data from the Revel Systems API. • Ingestion points: Business data such as orders, customers, and payments are ingested into the agent context via
membrane action runandmembrane requestcommands. • Boundary markers: The instructions do not define delimiters or specific 'ignore' instructions for data processed at runtime. • Capability inventory: The skill can list, retrieve, create, and update various business records and perform arbitrary API requests through the proxy command. • Sanitization: There is no evidence of explicit sanitization or validation of the external content within the skill's instructions.
Audit Metadata