rollbar
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the `@membranehq/cli` package from the NPM registry and also uses `npx` to run it. These are official tools provided by the vendor (Membrane) to facilitate the integration.
- [COMMAND_EXECUTION]: The skill relies on executing the `membrane` CLI tool to perform authentication, manage connections, and interact with the Rollbar API. This is the intended mechanism for the skill's functionality.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes data retrieved from the Rollbar API, such as error occurrences and project details.
  - Ingestion points: Data enters the agent context through the output of `membrane action run` and `membrane request` commands.
  - Boundary markers: The instructions do not define specific delimiters for separating API data from agent instructions.
  - Capability inventory: The skill can execute shell commands via the Membrane CLI and perform network operations through the proxy functionality.
  - Sanitization: There is no mention of sanitization or filtering of the content received from the Rollbar API.
Audit Metadata