docmosis

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI from npm.
      • Evidence: npm install -g @membranehq/cli@latest in SKILL.md.
      • Source: Official npm registry, belonging to the skill's vendor (Membrane).
  • [COMMAND_EXECUTION]: The skill uses the membrane command-line tool to perform operations.
      • Evidence: membrane login, membrane connect, membrane action list, and membrane action run in SKILL.md.
      • Purpose: These commands are used for legitimate authentication and to interact with the Docmosis API through the Membrane gateway.
  • [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection via user-controlled intent and description strings.
      • Ingestion points: membrane action list --intent "QUERY" and membrane action create "DESCRIPTION" in SKILL.md.
      • Boundary markers: Absent. The instructions do not specify delimiters for these strings.
      • Capability inventory: The membrane CLI can perform network operations and execute generated actions.
      • Sanitization: Absent. The skill does not specify any sanitization for the input variables.
      • Note: This represents the standard vulnerability surface for natural-language-to-action tools and is considered low risk in this context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 2, 2026, 08:48 PM