Skills
skills/membranedev/application-skills/campayn/Gen Agent Trust Hub

campayn

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the official Membrane CLI (@membranehq/cli) from the public NPM registry. This is a vendor-owned resource used for the skill's primary functionality.
  • [COMMAND_EXECUTION]: The skill relies on executing membrane CLI commands to manage authentication, discover actions, and perform API operations. These are standard operations within the Membrane ecosystem.
  • [PROMPT_INJECTION]: Indirect prompt injection surface detected where user-provided strings are passed to discovery and creation commands.
  • Ingestion points: intent parameter in membrane action list and DESCRIPTION in membrane action create.
  • Boundary markers: None present in command string construction.
  • Capability inventory: membrane action run (network-enabled API execution).
  • Sanitization: Handled by the CLI implementation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 07:38 PM
Security Audit — agent-trust-hub — campayn