veeva-vault
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and installs the @membranehq/cli package from the official NPM registry to enable platform-specific operations.
- [COMMAND_EXECUTION]: Uses the membrane CLI to perform authentication, connection management, and execution of Veeva Vault actions.
- [PROMPT_INJECTION]: The skill ingests untrusted data from the Veeva Vault API, creating a surface for indirect prompt injection. Evidence: 1. Ingestion points: Output from 'membrane action run' and 'membrane request' commands. 2. Boundary markers: Absent. 3. Capability inventory: Shell command execution via the membrane binary. 4. Sanitization: No filtering or validation of external API responses is implemented.
Audit Metadata