ritekit
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions include installing the official Membrane CLI tool (@membranehq/cli) via npm to facilitate communication with the platform. This is an expected installation of the vendor's own tooling.
- [COMMAND_EXECUTION]: The skill uses the membrane command-line interface to manage connections and execute actions. These commands are standard for the platform's operation and do not involve unauthorized privilege escalation or persistence mechanisms.
- [PROMPT_INJECTION]: The skill interacts with external data from Ritekit, creating an indirect prompt injection surface.
- Ingestion points: Ritekit API responses (hashtags, analytics, enhanced text) processed via membrane action run and membrane request commands in SKILL.md.
- Boundary markers: No specific delimiters or boundary markers are defined in the skill instructions to separate untrusted data from the agent context.
- Capability inventory: The skill uses the membrane CLI for network requests and action execution.
- Sanitization: No explicit sanitization or validation of the external content is performed within the described skill logic.
- [CREDENTIALS_UNSAFE]: The skill follows security best practices by delegating authentication to the Membrane platform. It explicitly instructs the user not to handle API keys or tokens directly, reducing the risk of credential exposure.
Audit Metadata