sare
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to interact with the SARE platform, performing tasks like managing campaigns, leads, and actions. This involves the installation of the@membranehq/clipackage and execution of commands for authentication and resource management. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from the SARE API. \n- Ingestion points: Data returned by CLI commands such as
membrane action list,membrane action run, andmembrane request. \n- Boundary markers: No specific delimiters or instructions to ignore embedded commands are provided to protect the agent context. \n- Capability inventory: The skill possesses the ability to execute actions viamembrane action runand perform arbitrary network requests through themembrane requestproxy. \n- Sanitization: No sanitization or validation of external marketing data is performed before the agent processes it.
Audit Metadata