circleci

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the official Membrane CLI package (@membranehq/cli) globally via NPM to provide the necessary tooling for the integration.
  • [COMMAND_EXECUTION]: The agent uses the membrane CLI to perform operations such as listing connections, searching for actions, and executing them. This includes running actions that can modify CircleCI configurations or trigger pipelines.
  • [PROMPT_INJECTION]: A surface for indirect prompt injection exists because the skill processes untrusted data from the CircleCI API.
      • Ingestion points: External data enters the context through actions like get-job-details, get-job-artifacts, and list-project-env-vars (SKILL.md).
      • Boundary markers: None identified in the prompt instructions to delimit external data from instructions.
      • Capability inventory: The skill can execute shell commands via the membrane CLI and modify remote CircleCI state.
      • Sanitization: No explicit validation or filtering of external content is specified in the documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 08:18 AM