zeet
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use the
membraneCLI to interact with Zeet, including managing connections and executing actions. This is the intended operational mode for the skill. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from npm. This is a vendor-owned resource belonging to the author of the skill. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it processes data retrieved from an external service (Zeet).
- Ingestion points: Data enters the agent's context through the output of commands like
membrane action run,membrane action list, andmembrane request(SKILL.md). - Boundary markers: Absent. The skill does not use specific delimiters or instructions to help the agent distinguish between its own logic and data retrieved from Zeet.
- Capability inventory: The skill has the ability to execute CLI commands and perform network requests via a proxy (SKILL.md).
- Sanitization: There is no mention of sanitizing or validating the data returned from the Zeet API before it is processed by the agent.
Audit Metadata