teamwave
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill enables interaction with TeamWave by executing commands through the
membraneCLI tool for authentication and action execution. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the NPM registry to function. - [PROMPT_INJECTION]: The skill's primary function involves processing external data from TeamWave, which poses a potential risk for indirect prompt injection.
- Ingestion points: Untrusted data enters the agent's context through output from
membrane action runandmembrane requestcommands in SKILL.md. - Boundary markers: No specific delimiters or instructions for the agent to disregard instructions within the external data are present.
- Capability inventory: The agent is empowered to execute shell commands and perform network operations via the Membrane CLI as documented in SKILL.md.
- Sanitization: There are no mechanisms described for validating or sanitizing the content retrieved from TeamWave before it is processed by the agent.
Audit Metadata