templated
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill follows secure patterns by using the Membrane platform to handle OAuth and credential management server-side.
- [EXTERNAL_DOWNLOADS]: Instructs the user to install the
@membranehq/clipackage globally via npm and usesnpxto run the latest version of the CLI, which are standard procedures for using the vendor's tools. - [COMMAND_EXECUTION]: Provides various CLI commands for the agent to execute, such as
membrane action runandmembrane request, to interact with the Templated API through the authenticated proxy. - [SAFE]: Regarding indirect prompt injection surface: 1. Ingestion points: Reads data from Templated API via action runs and proxy requests. 2. Boundary markers: No explicit delimiters provided for external content in the instructions. 3. Capability inventory: Executes shell commands via the
membraneCLI to perform API operations. 4. Sanitization: Relies on the Membrane platform's handling of API interactions. Given the primary purpose is data management, this surface is considered part of normal operation.
Audit Metadata