stackhawk

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to interact with the StackHawk API. Commands include membrane login, membrane connect, and membrane action run. These are standard operations for the tool's intended purpose and are executed by the user or agent during setup and operation.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI using npm install -g @membranehq/cli. This is a vendor-provided package required for the skill's functionality and is considered a legitimate resource from the author.
  • [PROMPT_INJECTION]: The skill facilitates data ingestion from untrusted sources, creating a surface for potential indirect prompt injection.
      ◦ Ingestion points: User-provided intent in membrane action list --intent=QUERY and input parameters in membrane action run --input (SKILL.md).
      ◦ Boundary markers: None identified; inputs are passed directly to the CLI.
      ◦ Capability inventory: The skill uses the membrane CLI, which can execute actions and make network requests to the StackHawk API (SKILL.md).
      ◦ Sanitization: No explicit sanitization or validation of the input strings is mentioned in the instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 2, 2026, 10:28 AM