superoffice
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the official NPM registry. This is a vendor-provided tool necessary for the skill's operation. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI for administrative tasks, including logging in, creating service connections, and executing CRM actions. These are expected behaviors for managing the platform. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes data from external SuperOffice records.
- Ingestion points: SuperOffice API data such as contacts, documents, and support tickets.
- Boundary markers: None specified in the instructions for separating external data from agent commands.
- Capability inventory: Includes capabilities to read and write CRM data and perform proxy network requests via the
membraneCLI. - Sanitization: No explicit filtering or sanitization of ingested CRM data is performed before it enters the agent's context.
Audit Metadata