wrike
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
@membranehq/clitool from the npm registry. This package belongs to the vendor and is used to manage integration logic. - [COMMAND_EXECUTION]: The skill provides instructions to execute various
membraneCLI commands for logging in, connecting to Wrike, and running actions. These are necessary for the skill's primary function and authentication flow. - [PROMPT_INJECTION]: The skill interacts with external data from Wrike, creating a potential surface for indirect prompt injection.
- Ingestion points: Data is retrieved via
list-comments,list-tasks, andget-task(SKILL.md). - Boundary markers: No specific delimiters are provided to isolate untrusted Wrike content from agent instructions.
- Capability inventory: The skill can execute actions via
membrane action runand arbitrary API requests viamembrane request(SKILL.md). - Sanitization: No explicit content sanitization or validation is mentioned in the prompt instructions.
- [SAFE]: No malicious patterns such as obfuscation, credential theft, or unauthorized persistence were identified. The use of a managed CLI for authentication follows security best practices by avoiding local storage of secrets.
Audit Metadata