shipperhq
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the
@membranehq/clipackage globally via NPM. This is a legitimate utility provided by the vendor to facilitate the integration. - [COMMAND_EXECUTION]: Employs the
membranecommand-line interface for lifecycle operations such as authentication (membrane login), connection discovery (membrane connection list), and action execution (membrane action run). - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it retrieves data from external ShipperHQ API endpoints that is then processed by the agent.
- Ingestion points: Output from API requests executed via
membrane action runandmembrane request(SKILL.md). - Boundary markers: Absent; the instructions do not specify delimiters or warnings for the agent to ignore instructions embedded in the API data.
- Capability inventory: The skill can execute CLI commands, perform network requests via a proxy, and list system connections (SKILL.md).
- Sanitization: No explicit sanitization or validation of the external API response content is described in the skill instructions.
Audit Metadata