zoho-salesiq
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install the `@membranehq/cli` package from the npm registry. This is a vendor-owned package used to facilitate secure communication with the Membrane platform.
- [COMMAND_EXECUTION]: The instructions involve executing various `membrane` CLI commands to manage connections and run actions. These operations are standard for the platform's workflow and occur within the user's terminal context.
- [PROMPT_INJECTION]: The skill retrieves visitor data and chat messages from Zoho SalesIQ, which constitutes an ingestion point for untrusted external data, creating a potential surface for indirect prompt injection.
  - Ingestion points: Data enters the context via `membrane action run` and `membrane request` (SKILL.md).
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded commands in the retrieved Zoho data.
  - Capability inventory: The skill uses CLI commands (`membrane`) and network proxy requests to interact with external APIs.
  - Sanitization: There is no mention of sanitization or filtering of the content retrieved from Zoho SalesIQ before it is processed by the agent.
Audit Metadata