vtiger
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the @membranehq/cli Node package via npm. This is an official vendor package required for the skill to interact with the Membrane platform.
- [COMMAND_EXECUTION]: The skill uses various membrane CLI commands to perform CRM operations like querying, creating, and updating records. These commands are used within the scope of the skill's intended purpose.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of external data from Vtiger CRM, which constitutes an indirect prompt injection surface.
  1. Ingestion points: CRM record data retrieved via query-records and retrieve-record actions.
  2. Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided in the documentation.
  3. Capability inventory: The skill allows for data modification and arbitrary API requests via membrane action run and membrane request.
  4. Sanitization: No specific data sanitization or filtering is mentioned.
- [SAFE]: The skill implements secure authentication by leveraging a managed proxy system, which prevents the need for users to manually enter or store sensitive CRM API keys within the agent's environment.
Audit Metadata