starloop
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install the
@membranehq/clipackage globally via NPM. This is the official command-line tool for the Membrane platform, which is the vendor for this skill. - [COMMAND_EXECUTION]: The instructions utilize the
membraneCLI to perform authentication, discover connectors, and execute actions. These commands are part of the standard operating procedure for integrating services through the Membrane platform. - [PROMPT_INJECTION]: The skill processes external data such as feedback, reviews, and survey responses from Starloop. This creates a surface for indirect prompt injection where instructions embedded in customer feedback could attempt to influence the agent. The skill mitigates this by recommending the use of pre-built Membrane actions which handle data in a structured manner.
Audit Metadata