winston-ai
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the `@membranehq/cli` package from the NPM registry. This is a standard installation procedure for the vendor's own command-line interface used to facilitate the integration.
- [COMMAND_EXECUTION]: The skill utilizes the `membrane` CLI to perform actions such as logging in, searching for connectors, and running actions. These commands are part of the intended functionality for interacting with the Winston AI API through the Membrane platform.
- [PROMPT_INJECTION]: As the skill is designed to process content for AI detection and retrieve reports from Winston AI, there is an inherent risk of indirect prompt injection if the processed data contains malicious instructions.
  - Ingestion points: Data is ingested through `membrane action run` and `membrane request` calls that fetch scan results and reports.
  - Boundary markers: None explicitly defined in the provided instructions to isolate untrusted data.
  - Capability inventory: The agent can execute shell commands via the `membrane` CLI and make network requests through the `membrane request` proxy.
  - Sanitization: No specific sanitization or filtering of the retrieved content is mentioned.
Audit Metadata