Skills
skills/membranedev/application-skills/budibase/Gen Agent Trust Hub

budibase

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli NPM package. This is a trusted vendor tool used for platform interactions.
  • [COMMAND_EXECUTION]: Uses shell commands through the membrane utility for managing connections and executing actions. These are legitimate operations for the skill's purpose.
  • [DATA_EXFILTRATION]: Employs secure best practices by using Membrane's server-side connection management, ensuring that sensitive credentials like API keys are not handled or stored locally by the agent.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from Budibase records. 1. Ingestion points: Budibase app data, tables, and rows (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: CLI access to create and run actions via membrane action run (SKILL.md). 4. Sanitization: Not specified in the current skill documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 04:46 PM