visitor-queue
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally via NPM. This is the official command-line interface provided by the vendor to manage integrations. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to perform several operations including authentication, connection management, and executing API actions. This is the intended mechanism for the skill's functionality. - [PROMPT_INJECTION]: The skill ingests untrusted data from the Visitor Queue API (e.g., website visit details and lead information) which is then processed by the agent. This creates a surface for indirect prompt injection.
- Ingestion points: Data enters the context through
membrane action runandmembrane requestcalls inSKILL.md. - Boundary markers: Not explicitly defined in the provided instructions.
- Capability inventory: The skill has the capability to execute shell commands via the Membrane CLI and make network requests through the proxy.
- Sanitization: No specific sanitization or validation of the fetched API data is mentioned in the skill instructions.
Audit Metadata