workfront
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the global installation of the '@membranehq/cli' package from npm. This package is the official command-line interface provided by the skill author for interacting with the Membrane platform.
- [COMMAND_EXECUTION]: Instructs the agent to execute shell commands using the 'membrane' CLI. This includes logging in, connecting to services, and running specific Workfront actions or proxying raw API requests.
- [PROMPT_INJECTION]: Contains a vulnerability surface for indirect prompt injection. Since the skill is designed to fetch and manage data from Adobe Workfront (an external, potentially multi-user system), malicious content within the Workfront data could be interpreted as instructions by the agent.
- Ingestion points: The skill retrieves data from the Workfront API via 'membrane action run' and 'membrane request' commands.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to treat Workfront data as untrusted or to ignore embedded commands.
- Capability inventory: The agent has the ability to execute shell commands through the CLI and perform network requests.
- Sanitization: There is no evidence of sanitization or validation of the external content before it is processed by the agent.
Audit Metadata