simplekpi
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs users to install the
@membranehq/clipackage via NPM. This is a vendor-owned package required for the core functionality of the skill.\n- [COMMAND_EXECUTION]: The skill uses themembranecommand-line interface to manage connections and execute API actions. These commands are necessary for the intended purpose of the skill.\n- [PROMPT_INJECTION]: The skill processes data returned from the SimpleKPI API, creating an indirect prompt injection surface where external data could potentially influence agent behavior.\n - Ingestion points: API responses from
membrane action runandmembrane requestcommands (found in SKILL.md).\n - Boundary markers: Absent; external data is not wrapped in specific delimiters to distinguish it from instructions.\n
- Capability inventory: Capability to execute shell commands and perform network requests via the Membrane proxy (found in SKILL.md).\n
- Sanitization: No evidence of sanitization or validation for the content of retrieved KPI data or user information.
Audit Metadata