Skills
skills/membranedev/application-skills/abra-flexibee/Gen Agent Trust Hub

abra-flexibee

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the official Membrane CLI (@membranehq/cli) from the public registry. This is a vendor-owned package required for interacting with the Membrane ecosystem.
  • [COMMAND_EXECUTION]: Uses the membrane command-line tool to handle authentication, connect to services, and execute API actions. These operations are essential to the skill's core functionality.
  • [PROMPT_INJECTION]: The skill processes data from the ABRA FlexiBee API and Membrane actions, creating a potential surface for indirect prompt injection if external data contains malicious content.
  • Ingestion points: Output from 'membrane action run' and 'membrane action list' commands (SKILL.md).
  • Boundary markers: Not explicitly implemented in the provided skill instructions.
  • Capability inventory: Shell command execution and dynamic logic generation via the membrane CLI.
  • Sanitization: No explicit validation or filtering logic for retrieved API data is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 10:27 PM
Security Audit — agent-trust-hub — abra-flexibee