signiflow

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the membrane CLI tool to perform various tasks such as searching for connectors, establishing connections, and running specific SigniFlow actions. These commands are necessary for the skill's stated purpose and do not involve unauthorized privilege escalation or sensitive file access.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from the npm registry. This is a well-known tool provided by the vendor (membranedev/membranehq) and is documented as a trusted resource for this integration.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection as it ingests and processes data from the external SigniFlow API. While the agent may process untrusted data from document groups or user records, the skill uses structured JSON responses and standard CLI interfaces, which minimizes the risk of the data being interpreted as instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 07:12 PM