facebook-messenger

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the npx @membranehq/cli@latest command for authentication, connection management, and executing actions against the Facebook Messenger API. This is the standard method for interacting with the vendor's platform.
  • [EXTERNAL_DOWNLOADS]: The skill invokes npx, which downloads the @membranehq/cli package from the npm registry at runtime. As this is the official tool provided by the vendor, it is considered a legitimate resource.
  • [REMOTE_CODE_EXECUTION]: The use of npx involves downloading and executing code from a remote registry. This is evaluated as safe here because the source and package are established vendor components for this skill.
  • [PROMPT_INJECTION]: The skill is designed to process data from Facebook Messenger, such as message content and user stories, which serves as an ingestion point for untrusted data. While the agent has command execution capabilities via the CLI, the skill does not currently define specific sanitization or boundary markers for this content.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 07:02 AM