rudderstack-http
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the user to install the `@membranehq/cli` package from the npm registry. This is a utility provided by the author to facilitate secure communication and authentication with the RudderStack service.
- [COMMAND_EXECUTION]: The skill utilizes several CLI commands, including `membrane login`, `membrane action run`, and `membrane request`, to interact with external systems. These commands are necessary for the skill's primary function of managing RudderStack data and workflows.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from external RudderStack HTTP endpoints. If the external data contains instructions designed to manipulate an LLM, the agent's logic could be affected.
  - Ingestion points: Data returned from the `membrane action run` and `membrane request` commands as documented in `SKILL.md`.
  - Boundary markers: The skill does not implement specific delimiters or safety instructions to separate external data from system prompts.
  - Capability inventory: The skill allows for the execution of API actions and raw HTTP requests to the RudderStack service.
  - Sanitization: There is no documentation of input validation or response sanitization being performed on the data fetched from the external source.
Audit Metadata