stein
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to use the
membraneCLI for managing Stein database connections and executing actions via the terminal.- [EXTERNAL_DOWNLOADS]: The documentation directs the installation of the@membranehq/clipackage from the official NPM registry to enable platform capabilities.- [PROMPT_INJECTION]: Because the skill retrieves data from spreadsheets which can contain untrusted content, it has an indirect prompt injection surface; however, the skill encourages the use of structured actions to mitigate direct execution of untrusted data.
Audit Metadata