Skills
skills/membranedev/application-skills/clickhelp/Gen Agent Trust Hub

clickhelp

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Instructs the user to install the Membrane CLI package (@membranehq/cli@latest) from the npm registry, which is a standard requirement for using the vendor's integration platform.
  • [COMMAND_EXECUTION]: Utilizes multiple shell commands via the membrane CLI for authentication (membrane login), connection management (membrane connect), and running actions (membrane action run) to interact with ClickHelp data.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by ingesting untrusted content (such as HTML topic content and user profiles) from the ClickHelp API via membrane action run. Ingestion points are located in SKILL.md under the 'Running actions' section. No explicit boundary markers or sanitization steps are documented to isolate this external data from the agent's instructions. The capability inventory includes the ability to execute further subprocesses via the CLI tool.
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 10:49 PM
Security Audit — agent-trust-hub — clickhelp