flexitime

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE · EXTERNAL_DOWNLOADS · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the official Membrane CLI tool from the NPM registry using npm install -g @membranehq/cli@latest.
  • [COMMAND_EXECUTION]: The skill relies on executing various shell commands via the membrane CLI to handle authentication, connection management, and action execution.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8). It processes data retrieved from Flexitime (such as timesheet entries or project tasks). If an external attacker places malicious instructions within these records, the agent could potentially execute them when processing the data.
      • Ingestion points: Flexitime data retrieved via membrane action run.
      • Boundary markers: None specified in the instructions.
      • Capability inventory: Subprocess execution via membrane CLI, including the ability to run arbitrary actions created via membrane action create.
      • Sanitization: Not explicitly mentioned in the skill instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 08:57 AM