Skills
skills/membranedev/application-skills/formbricks/Gen Agent Trust Hub

formbricks

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package from NPM. This is a vendor-provided tool from the author (Membrane) and is considered a safe dependency for the intended purpose of the skill.
  • [COMMAND_EXECUTION]: The instructions utilize shell commands through the membrane CLI to manage connections and execute actions. These commands are part of the core functionality of the skill and do not include arbitrary or dangerous execution patterns.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes external survey data and responses from Formbricks.
  • Ingestion points: Data is ingested via the membrane action run command (e.g., listing responses or people) in SKILL.md.
  • Boundary markers: The provided instructions do not specify the use of delimiters or 'ignore' instructions when the agent processes the retrieved survey content.
  • Capability inventory: The skill allows the agent to create and run actions via the CLI, providing a path for influence if survey data contains malicious instructions.
  • Sanitization: There is no mention of sanitization or filtering of the survey data before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 04:32 PM