staffology
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This tool is the official command-line interface provided by the vendor to facilitate secure authentication and API interaction. - [COMMAND_EXECUTION]: The skill utilizes several
membraneCLI commands to perform administrative and data-related tasks, such asmembrane login,membrane action list, andmembrane action run. These commands are standard operations for managing the Staffology integration. - [PROMPT_INJECTION]: The skill processes data from the Staffology API, which represents an inherent surface for indirect prompt injection.
- Ingestion points: Data enters the agent's context through the output of the
membrane action runandmembrane requestcommands in SKILL.md. - Boundary markers: No specific delimiters or instructions to ignore embedded commands are included in the skill's logic.
- Capability inventory: The skill can execute predefined actions and perform arbitrary HTTP requests using the
membraneCLI. - Sanitization: There is no evidence of sanitization or filtering of the external API responses before they are processed by the agent.
Audit Metadata