salespype
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/cliglobal package from NPM, which is the official tool for interacting with the author's platform.- [COMMAND_EXECUTION]: Instructions involve running variousmembraneCLI commands for authentication, searching for connectors, and executing API actions against Salespype.- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it processes data retrieved from the Salespype API. - Ingestion points: Salespype data objects (e.g., Leads, Contacts, Activity logs) retrieved via
membrane action runormembrane request(SKILL.md). - Boundary markers: Absent. No specific delimiters or instructions are provided to the agent to ignore instructions embedded within the retrieved data.
- Capability inventory: The agent can execute shell commands via the
membraneCLI and perform network operations viamembrane request(SKILL.md). - Sanitization: Not specified in the instructions.
Audit Metadata