Skills
skills/membranedev/application-skills/firehydrant/Gen Agent Trust Hub

firehydrant

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package from the npm registry. This is a well-known service and the package is a core component of the author's ecosystem.
  • [COMMAND_EXECUTION]: Several commands are provided for the membrane CLI to manage authentication (membrane login), service connections (membrane connect), and action execution (membrane action run). These are standard operational commands for this platform.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external sources (FireHydrant incidents, tasks, and artifacts). While this creates a potential surface for indirect prompt injection, it is a standard requirement for the skill's primary function of incident management.
  • Ingestion points: Data returned from membrane action run targeting FireHydrant endpoints.
  • Boundary markers: None explicitly defined in the provided instructions.
  • Capability inventory: The agent has the ability to execute shell commands via the Membrane CLI.
  • Sanitization: Not explicitly documented; relies on the agent's internal safety filters.
  • [DYNAMIC_EXECUTION]: The membrane action create command allows for the dynamic generation of new integration actions based on descriptions. This logic is handled server-side by the Membrane platform.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 04:19 AM