vectorizedio
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation and usage of the
@membranehq/clipackage from the npm registry. This is a verified resource belonging to the author's organization for managing Membrane integrations. - [COMMAND_EXECUTION]: The skill relies on executing various shell commands through the
membraneCLI to authenticate users, manage connections, and interact with the Vectorized.io API. These commands are part of the skill's intended primary functionality. - [PROMPT_INJECTION]: The skill processes streaming data and records from Vectorized.io, which presents an indirect prompt injection surface where untrusted external data could potentially contain malicious instructions. Evidence: Ingestion points (CLI command outputs in SKILL.md); Boundary markers (None); Capability inventory (Command execution via Membrane CLI); Sanitization (None). This is documented as a standard risk factor for data-intensive integrations.
Audit Metadata