seekwell
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the npm registry. This is the official command-line interface for the Membrane platform, provided by the vendor to handle integrations and secure authentication. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform actions such as logging in, searching for connectors, and executing SQL queries. These commands are necessary for the skill's intended functionality and are restricted to the user's authenticated environment. - [PROMPT_INJECTION]: The skill processes results from SeekWell SQL queries, creating a surface for indirect prompt injection. 1. Ingestion points: Data retrieved from SeekWell via
membrane action runormembrane requestcommands (SKILL.md). 2. Boundary markers: The instructions do not specify any delimiters to separate query results from agent instructions. 3. Capability inventory: The skill can execute commands and perform network requests through themembraneCLI (SKILL.md). 4. Sanitization: No explicit validation, filtering, or sanitization of external data is mentioned in the skill documentation.
Audit Metadata