zephyr-squad-legacy
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'membrane' CLI to perform test management actions like creating executions, listing test cycles, and running ZQL queries. These are standard operations for the target service and are executed via a controlled CLI environment.\n- [EXTERNAL_DOWNLOADS]: The skill documentation instructs users to install the '@membranehq/cli' package from the npm registry. This is a trusted vendor-owned tool essential for the skill's operation.\n- [PROMPT_INJECTION]: The skill processes data from the Zephyr Squad (Legacy) API, creating a surface for potential indirect prompt injection. The risk is minimized by the use of structured CLI commands rather than direct interpretation of external data as instructions.\n
- Ingestion points: Data retrieved from the Zephyr API via 'membrane action list' or 'membrane request' (SKILL.md).\n
- Boundary markers: None explicitly defined in the CLI command templates to separate untrusted data.\n
- Capability inventory: Execution of API actions and proxy requests through the 'membrane' CLI tool (SKILL.md).\n
- Sanitization: Relies on standard shell escaping provided by the environment and the vendor CLI's internal data handling.
Audit Metadata