workable
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE; categories flagged: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the installation of the @membranehq/cli package from the npm registry. This is the official command-line tool provided by the vendor to manage integrations and authentication.
- [COMMAND_EXECUTION]: The skill functionality is implemented through the execution of membrane CLI commands to perform tasks such as logging in, searching for connectors, and running API actions.
- [PROMPT_INJECTION]: The skill retrieves and processes data from Workable, including candidate profiles and activity comments, which creates a potential surface for indirect prompt injection.
  1. Ingestion points: Candidate details, application activity logs, and comments retrieved via the Workable API (SKILL.md).
  2. Boundary markers: The skill does not define specific delimiters or instructions to ignore instructions embedded in the retrieved data.
  3. Capability inventory: The skill can execute various Workable API actions and run shell commands via the membrane CLI (SKILL.md).
  4. Sanitization: No data validation or sanitization of the content fetched from Workable is mentioned.