sitecore
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the official Membrane CLI package (@membranehq/cli) from the NPM registry to facilitate platform interaction.
- [COMMAND_EXECUTION]: The skill executes various commands using the membrane CLI, including 'login', 'action list', and 'action run' to manage Sitecore data.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface when handling Sitecore data. 1. Ingestion points: Data entering the context via 'membrane action run' output in SKILL.md. 2. Boundary markers: Not specified. 3. Capability inventory: Execution of Sitecore actions and dynamic action creation through 'membrane action run' and 'membrane action create'. 4. Sanitization: Not specified.
Audit Metadata