doppler
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI (
@membranehq/cli) via npm. This is a vendor-provided tool necessary for the skill's primary functionality. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to manage authentication, list connections, and execute actions. These commands are restricted to the context of the Membrane platform and Doppler integration. - [INDIRECT_PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection as it ingests data from external actions (
membrane action run). - Ingestion points: Output from Doppler actions processed via the
membraneCLI. - Boundary markers: None specified in the instructions.
- Capability inventory: The skill can execute actions on the Membrane platform, including creating and running new actions based on descriptions.
- Sanitization: No explicit sanitization or validation of data retrieved from Doppler is mentioned, though the skill promotes using the platform's pre-built logic for secure communication.
Audit Metadata