ukg-pro-hcm
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally using npm. This package is a core component of the Membrane platform provided by the skill author. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to authenticate users, manage UKG Pro connections, and execute API actions. These operations are standard for the tool's integration purpose. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes data from UKG Pro HCM (e.g., employee demographics, job history, and notes) which may contain instructions that could influence the agent's behavior.
- Ingestion points: Data enters the agent context through actions described in SKILL.md, including employee demographics, user details, and job history.
- Boundary markers: No explicit boundary markers or 'ignore instructions' directives are specified for the processed data.
- Capability inventory: The skill provides capabilities to execute system commands and perform network requests via the
membraneCLI as documented in SKILL.md. - Sanitization: There is no mention of sanitization, filtering, or validation for the data retrieved from the external API.
Audit Metadata