dailybot
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from npm. This is the official command-line interface for the Membrane platform described in the skill documentation. - [COMMAND_EXECUTION]: The instructions utilize shell commands (e.g.,
membrane login,membrane action run) to manage resources and interact with the DailyBot API through the Membrane provider. - [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection because it ingests untrusted data from an external source.
- Ingestion points: Data enters the agent context through actions such as
list-users,list-check-ins, andget-check-in-responsesdefined inSKILL.md. - Boundary markers: None identified in the provided instructions.
- Capability inventory: The skill can perform state-changing operations like
create-check-in,update-user, andsend-messageviamembrane action runas described inSKILL.md. - Sanitization: There are no explicit instructions for the agent to sanitize or validate the content retrieved from DailyBot before processing it.
Audit Metadata