charlie

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill uses the @membranehq/cli package, which is the official tool provided by the vendor (membranedev/membrane) for managing integrations. This is a standard and expected dependency for the skill's functionality.
  • [SAFE]: The skill implements secure authentication practices by leveraging membrane login and membrane connect, which handle secrets server-side and prevent the agent from requesting or storing user API keys locally.
  • [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute shell commands using the Membrane CLI. These commands are used for legitimate integration tasks such as searching, creating, and running actions on the Membrane platform.
  • [PROMPT_INJECTION]: As an integration skill that retrieves data from CharlieHR (e.g., meeting transcripts, contact records), there is an inherent surface for indirect prompt injection where malicious instructions could be embedded in the retrieved data. Evidence chain: 1. Ingestion points: CharlieHR data via membrane action run. 2. Boundary markers: Absent from the prompt instructions. 3. Capability inventory: Shell command execution via the membrane CLI. 4. Sanitization: Relies on the underlying platform's handling of action inputs and outputs.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 29, 2026, 05:38 PM