segment
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the
@membranehq/clipackage from the NPM registry, which is a verified vendor tool required for the skill to function. - [COMMAND_EXECUTION]: Executes
membraneCLI commands to perform operations like login, connection management, and running actions against the Segment API. This is the primary functionality of the skill. - [PROMPT_INJECTION]: Identifies an indirect prompt injection surface as the skill processes customer data from external Segment APIs. 1. Ingestion points: Data retrieved via
membrane action runandmembrane request(SKILL.md). 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the skill's instructions. 3. Capability inventory: Ability to execute shell commands via the CLI and perform authenticated network requests (SKILL.md). 4. Sanitization: No evidence of data sanitization or validation before processing the retrieved data.
Audit Metadata