customgpt

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Categories flagged: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the Membrane CLI via NPM (@membranehq/cli@latest). This is a legitimate tool provided by the skill's author to facilitate secure communication and session management.
  • [COMMAND_EXECUTION]: The skill operates by executing shell commands using the membrane CLI. These commands are used to manage authentication, list connections, and execute CustomGPT actions like listing agents or sending messages.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill demonstrates safe security practices by explicitly stating that it manages the full authentication lifecycle server-side with no local secrets, and advises against asking users for API keys.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses a data ingestion surface as it retrieves content from CustomGPT conversations and agent configurations. While this data is external and potentially untrusted, the skill functions within the managed Membrane environment which mitigates direct execution risks.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 07:53 PM