sourcegraph
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes external content from codebases via Sourcegraph search and file actions.
- Ingestion points: Data returned from
membrane action runandmembrane requestcommands (SKILL.md). - Boundary markers: Absent; the instructions do not specify the use of delimiters or warnings for the agent to ignore instructions within retrieved codebase content.
- Capability inventory: The skill provides capabilities to execute shell commands via the
membraneCLI and perform network requests via the Membrane proxy (SKILL.md). - Sanitization: Absent; the skill does not implement validation or filtering of the retrieved content before it is processed by the agent.
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the official NPM registry, which is a resource provided by the vendor to facilitate the integration. - [COMMAND_EXECUTION]: The skill relies on the execution of the
membranecommand-line interface to manage authentication, discover actions, and interact with the Sourcegraph API.
Audit Metadata