Skills
skills/membranedev/application-skills/amazon-athena/Gen Agent Trust Hub

amazon-athena

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the @membranehq/cli package from the public NPM registry. This is the official tool provided by the vendor for platform interaction.
  • [COMMAND_EXECUTION]: Uses shell commands via the membrane CLI to authenticate users, manage cloud connections, and run data queries.
  • [DATA_EXFILTRATION]: Connects to getmembrane.com to handle authentication and action execution, which is the expected behavior for this platform-based skill.
  • [PROMPT_INJECTION]: Processes data retrieved from Amazon Athena. This creates a surface for indirect prompt injection, as the agent may process untrusted SQL query results.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 11:36 PM