rillet
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install the
@membranehq/clipackage via npm. This is a trusted utility from the vendor (Membrane) required to facilitate the integration. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line tool to perform administrative and data tasks, such as authenticating with a tenant, creating connections, and executing API actions. - [PROMPT_INJECTION]: The skill processes external data from the Rillet API, which introduces a surface for indirect prompt injection.
- Ingestion points: Structured and unstructured data retrieved via
membrane action runandmembrane requestas described in SKILL.md. - Boundary markers: The skill instructions do not specify delimiters to isolate external data from the agent's internal instructions.
- Capability inventory: The skill utilizes the
membraneCLI to execute commands and proxy network requests, as documented in SKILL.md. - Sanitization: No explicit data validation or sanitization of the Rillet API responses is mentioned in the provided documentation.
Audit Metadata