fena
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line interface to perform operations such as authentication, listing connections, and executing actions. These commands are necessary for the skill's documented functionality. - [EXTERNAL_DOWNLOADS]: The instructions include installing the
@membranehq/clipackage from npm. This is an official vendor resource used to facilitate the integration with the Membrane platform. - [CREDENTIALS_UNSAFE]: The skill explicitly advises against asking users for API keys or secrets, instead using a secure connection-based authentication flow managed by the Membrane platform.
- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface where user-provided descriptions are used to dynamically create actions via
membrane action create. While this involves processing natural language to generate functionality, it is a core feature of the platform and does not exhibit malicious patterns in the static instructions.
Audit Metadata