zenkraft
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clitool from the npm registry to facilitate communication with the Zenkraft service through the Membrane platform. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform operations such as authentication, connection management, and execution of shipping-related actions. - [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection through data ingestion.
- Ingestion points: Data is ingested from the Zenkraft API via action execution and proxy requests defined in SKILL.md.
- Boundary markers: There are no explicit delimiters or instructions to the agent to ignore instructions embedded within the ingested data.
- Capability inventory: The skill allows for shell command execution via the
membraneCLI. - Sanitization: No explicit sanitization or verification of the external API data is performed before it is processed by the agent.
Audit Metadata