soveren
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent or user to install the
@membranehq/clipackage globally via npm. This is an official tool provided by the vendor for managing integrations. - [COMMAND_EXECUTION]: The instructions guide the agent to perform various system operations using the
membraneCLI, such as logging in, searching for connectors, and running actions. - [PROMPT_INJECTION]: The skill facilitates the processing of data from the external Soveren platform, which introduces a potential surface for indirect prompt injection.
- Ingestion points: Data retrieved from the Soveren API via the
membrane action runandmembrane requestcommands (SKILL.md). - Boundary markers: None identified in the skill instructions.
- Capability inventory: The skill allows the agent to execute actions (
membrane action run) and perform network requests to the Soveren API (membrane request). - Sanitization: Not present; the skill assumes the agent will handle tool outputs safely.
Audit Metadata