superoffice
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package via NPM to facilitate communication with the CRM. This is a vendor-owned package associated with the integration platform.
- [COMMAND_EXECUTION]: The skill utilizes the membrane command-line interface to execute API actions and proxy requests to SuperOffice. This is the intended behavior for interacting with the CRM.
- [PROMPT_INJECTION]: The skill processes external data from SuperOffice (e.g., support tickets, notes), which presents an inherent surface for indirect prompt injection. This is a common characteristic of CRM integrations.
  - Ingestion points: CRM data retrieved via list-tickets, list-appointments, and direct membrane request calls.
  - Boundary markers: No specific delimiters or instructions to ignore embedded content are explicitly defined in the skill documentation.
  - Capability inventory: The skill can create, update, and delete CRM entities (e.g., create-ticket, update-contact) via the membrane action run command.
  - Sanitization: The skill relies on the LLM's internal safety guardrails and the structured schemas provided by the Membrane platform to handle retrieved data.
- [CREDENTIALS_UNSAFE]: The skill correctly delegates authentication to the Membrane platform, avoiding the need to handle or store API keys locally.
Audit Metadata