tubular
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the @membranehq/cli package from the npm registry. This is a standard utility provided by the vendor to facilitate interaction with their integration platform.
- [COMMAND_EXECUTION]: Several instructions involve running shell commands using the membrane CLI (e.g., login, connect, action run). These commands are used to manage authentication and data operations within the Tubular integration.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of external data from Tubular, which introduces a potential surface for indirect prompt injection attacks. 1. Ingestion points: Untrusted data such as video comments or user profiles enter the agent's context through membrane action run and membrane request commands. 2. Boundary markers: The skill does not implement delimiters or provide instructions to the agent to disregard embedded commands in the fetched data. 3. Capability inventory: The skill possesses the ability to execute shell commands and perform network operations via the Membrane CLI. 4. Sanitization: There is no evidence of sanitization or filtering of the external content before it is processed by the agent.
Audit Metadata