api-void

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill utilizes the @membranehq/cli package for its operations. This is a legitimate vendor resource associated with Membrane, the author of the skill.
  • [CREDENTIALS_UNSAFE]: The skill adheres to security best practices by utilizing membrane connect and membrane login for authentication. This architecture ensures that sensitive credentials like API keys are managed server-side by the Membrane platform, preventing local exposure or accidental exfiltration by the agent.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute membrane CLI commands to manage connections and run actions. These operations are restricted to the intended functional scope of the integration.
  • [DATA_EXFILTRATION]: The skill presents an inherent surface for indirect prompt injection due to its role in processing external data from Api Void (such as site reputation or DNS info) and interpreting natural language intents.
    • Ingestion points: Data retrieved from Api Void actions (e.g., check-url-reputation) and user-supplied intent strings in SKILL.md.
    • Boundary markers: Not explicitly defined in the provided instructions.
    • Capability inventory: The skill can execute shell commands via the membrane CLI to discover and run actions.
    • Sanitization: Relies on the underlying Membrane platform for secure interpolation and execution of actions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 12:51 PM