snapscan
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/cliglobal package. This is a vendor-owned tool from the same author as the skill and is used to facilitate platform interactions. - [COMMAND_EXECUTION]: The instructions involve executing various
membraneCLI commands for authentication, action discovery, and execution. These commands are integral to the skill's primary function of integrating with SnapScan. - [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes data retrieved from external SnapScan API endpoints.
- Ingestion points: Data from the SnapScan service enters the agent context via
membrane action runandmembrane requestoutputs in SKILL.md. - Boundary markers: The instructions do not define boundary markers or include warnings to ignore instructions embedded in the external data.
- Capability inventory: The skill executes subprocess commands using the
membraneCLI across multiple integration steps. - Sanitization: No sanitization or validation of the ingested external data is performed before it is presented to the agent.
Audit Metadata