strongdm
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the official Membrane CLI (@membranehq/cli) from the NPM registry to facilitate integration. This is a vendor-owned package and is a standard dependency for this skill.
- [COMMAND_EXECUTION]: Uses the membrane CLI to perform administrative tasks including searching for connectors, managing connections, and executing actions against the StrongDM API.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its handling of untrusted external data.
  - Ingestion points: StrongDM resource metadata, account details, and audit logs retrieved via membrane CLI commands in SKILL.md.
  - Boundary markers: No delimiters or explicit instructions are provided to the agent to ignore embedded commands within the retrieved data.
  - Capability inventory: The skill can execute powerful actions and proxy arbitrary API requests that could modify infrastructure state.
  - Sanitization: There is no evidence of sanitization or validation of the data retrieved from the external API before it is processed by the agent.
Audit Metadata