squarespace
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
membraneCLI to interact with Squarespace. This involves executing commands likemembrane action runandmembrane requestto manage store data and configurations. - [EXTERNAL_DOWNLOADS]: The instructions guide the user to install the official
@membranehq/clipackage from the npm registry. This package is owned by the skill's vendor and is required for the skill's operation. - [PROMPT_INJECTION]: The skill features a surface for indirect prompt injection as it ingests data from Squarespace (e.g., form submissions, product descriptions, or customer names) which could contain untrusted instructions.
- Ingestion points: Data returned from the Squarespace API via
membrane action runormembrane requestdocumented inSKILL.md. - Boundary markers: None specified in the instructions.
- Capability inventory: Shell command execution via the
membraneCLI as described across theSKILL.mdfile. - Sanitization: The skill encourages the use of the
--jsonflag to ensure structured data handling, which helps mitigate some injection risks.
Audit Metadata