woovi
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the agent to install the
@membranehq/clipackage from the npm registry. This is a vendor-owned package used to facilitate secure communication with the Membrane platform. - [COMMAND_EXECUTION]: The skill uses the
membranecommand-line interface to perform tasks such as logging in, connecting to services, and executing API actions. - [DATA_EXFILTRATION]: The skill transfers data between the agent's environment and external endpoints (Membrane and Woovi). This is the intended functionality of the integration.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to processing data retrieved from the external Woovi API.
- Ingestion points: External data enters the agent context via
membrane action runandmembrane requestcommands (found inSKILL.md). - Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the provided documentation.
- Capability inventory: The agent has the ability to run shell commands via the CLI, perform network requests, and manage local connections.
- Sanitization: There is no evidence of sanitization or validation applied to the data received from the external API before it is processed by the agent.
- Ingestion points: External data enters the agent context via
Audit Metadata