shopee
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the
@membranehq/clipackage from the NPM registry, which is the official tool for interacting with the Membrane platform. - [COMMAND_EXECUTION]: Uses shell commands to perform authentication, create connections, and execute Shopee-related actions through the Membrane CLI.
- [PROMPT_INJECTION]: Features dynamic action discovery and creation based on natural language intents. This represents a potential indirect prompt injection surface if the agent passes untrusted data into these search or creation queries.
Audit Metadata