zoho-people
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the Membrane CLI (
membrane) to manage Zoho People data, list actions, and perform API requests. This includes administrative tasks likemembrane loginandmembrane connect. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage via NPM. This tool is the official CLI provided by the skill author (membranedev) for interacting with their platform and is considered a legitimate dependency for the skill's functionality. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of processing external data.
- Ingestion points: Data is ingested from Zoho People API records, including employee profiles, form entries, reports, and timesheets via
membrane action runandmembrane requestcommands. - Boundary markers: The skill does not define specific boundary markers (e.g., XML tags or delimiters) to separate untrusted data from agent instructions.
- Capability inventory: The agent has the capability to execute arbitrary shell commands via the
membraneCLI and perform network requests through the Membrane proxy. - Sanitization: There are no instructions for sanitizing or escaping the content retrieved from the Zoho People API before it is processed by the agent.
Audit Metadata