waiverfile
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill correctly delegates authentication to the Membrane platform, ensuring that no sensitive API keys or tokens are stored locally or handled by the agent directly.\n- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clitool, which is an expected vendor resource used to facilitate communication with the Membrane platform.\n- [COMMAND_EXECUTION]: The skill utilizes themembranecommand-line tool to perform authorized actions and requests against the WaiverFile API.\n- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by processing external data from the WaiverFile service.\n - Ingestion points: Data enters the agent context through the output of
membrane action runandmembrane requestcommands in SKILL.md.\n - Boundary markers: The instructions do not define delimiters to isolate external API data from agent instructions.\n
- Capability inventory: The skill has the ability to execute shell commands via the
membraneCLI tool.\n - Sanitization: There is no explicit validation or sanitization of data retrieved from the WaiverFile API.
Audit Metadata