rewardful
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is authored by the vendor and uses official tools for managing Rewardful data, ensuring consistency with the platform's security model.
- [EXTERNAL_DOWNLOADS]: Fetches the '@membranehq/cli' package from the NPM registry. This is a standard distribution method for the vendor's integration tools.
- [COMMAND_EXECUTION]: Uses the membrane CLI to manage connections and execute API actions. Authentication is performed through a secure OIDC/OAuth flow managed by the platform, which prevents local storage of sensitive tokens.
- [PROMPT_INJECTION]: The skill processes data from Rewardful, which acts as a surface for indirect prompt injection. 1. Ingestion points: Data returned from 'membrane action run' and 'membrane request' commands. 2. Boundary markers: Absent in the current documentation. 3. Capability inventory: Ability to run actions and proxy HTTP requests via the Membrane platform. 4. Sanitization: Relies on the core agent platform's default handling of tool outputs.
Audit Metadata