senta
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill integrates with external data from the Senta CRM, creating a potential surface for indirect prompt injection if malicious instructions are embedded in client data.
  - Ingestion points: Data is retrieved from Senta (notes, activities, files, cases) via the `membrane action run` and `membrane request` commands in SKILL.md.
  - Boundary markers: The skill does not provide specific delimiters or ignore-embedded-instruction warnings for the ingested data.
  - Capability inventory: The skill uses the Membrane CLI which can perform actions, raw API requests, and file operations based on agent logic.
  - Sanitization: No sanitization or validation logic is defined for the external data before it is processed.
- [SAFE]: The documentation incorrectly identifies https://github.com/baidu/Senta (a sentiment analysis library) as the official documentation for the Senta CRM. While misleading, this appears to be a documentation error by the author rather than a malicious deception.