tabnine
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the npm registry and use npx to run actions from the latest version. These are verified tools belonging to the service provider.
- [COMMAND_EXECUTION]: Documentation includes several shell commands for managing connections and executing actions via the membrane CLI tool. These are part of the standard workflow for developers using the platform.
- [DATA_EXFILTRATION]: The skill enables API requests to the Tabnine proxy via the membrane CLI. This functionality is the intended primary purpose of the skill to allow data interaction with the Tabnine service.
- [PROMPT_INJECTION]: There is a potential surface for indirect prompt injection as the agent ingests and processes data returned from the Tabnine API. * Ingestion points: Output from membrane action run and membrane request commands described in SKILL.md. * Boundary markers: The instructions do not specify any delimiters to separate untrusted API data from the agent context. * Capability inventory: The agent has access to the shell via the membrane CLI and can perform network operations through it. * Sanitization: No explicit steps for data validation or sanitization of API responses are provided in the guide.
Audit Metadata