scrapin-io
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides users to install the Membrane CLI using the command
npm install -g @membranehq/cli. This is a standard global installation of the vendor's official command-line tool. - [COMMAND_EXECUTION]: The skill provides instructions for using the
membraneCLI to manage connections and execute actions. These commands (membrane connect,membrane action run,membrane request) are used as intended for service integration and do not involve arbitrary command injection vulnerabilities. - [PROMPT_INJECTION]: As the skill interacts with a web scraping service (Scrapin.io), it inherently processes untrusted data from the open web, creating a potential surface for indirect prompt injection.
- Ingestion points: Data returned from scrapin.io actions, such as social media profile details, comments, and posts, are ingested into the agent's context (SKILL.md).
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the scraped data as untrusted or to ignore embedded instructions.
- Capability inventory: The skill possesses the ability to execute network requests and CLI commands via the
membranetool (SKILL.md). - Sanitization: The skill does not mention specific sanitization or filtering logic for the scraped data before it is processed by the agent.
Audit Metadata