typeflowai
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements authentication best practices by delegating credential management and token refreshing to the Membrane platform, preventing the need for hardcoded secrets or local storage of API keys.
- [EXTERNAL_DOWNLOADS]: The instructions guide the user to install the @membranehq/cli tool via NPM. This is a legitimate utility provided by the vendor to interact with their service.
- [COMMAND_EXECUTION]: The skill relies on shell-based commands using the membrane CLI to perform actions such as searching for connectors, managing connections, and executing API requests.
- [PROMPT_INJECTION]: The skill includes an attack surface for indirect prompt injection because it retrieves data from external API endpoints (TypeflowAI). If this external data contains malicious instructions, they could influence the agent's behavior.
- Ingestion points: External data is ingested via membrane action run and membrane request commands.
- Boundary markers: None present in the instructions.
- Capability inventory: The skill can execute CLI commands and perform network requests via a proxy.
- Sanitization: No specific sanitization or filtering of API responses is mentioned.
Audit Metadata