Skills
skills/membranedev/application-skills/givingfuel/Gen Agent Trust Hub

givingfuel

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from npm. This is a legitimate tool provided by the skill's author (membrane) and is necessary for the skill's functionality.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands to interact with the Membrane CLI tool (e.g., membrane login, membrane action run). These commands are standard for the intended integration and do not perform unauthorized system modifications.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials or unsafe practices were detected. The skill explicitly advises against asking users for secrets and utilizes a secure login flow managed by the platform.
  • [PROMPT_INJECTION]: The skill processes donor and transaction data from GivingFuel, which represents a surface for indirect prompt injection. This is a common characteristic of data-processing skills and is handled neutrally.
  • Ingestion points: Output from membrane action run (e.g., list-forms, search-customers).
  • Boundary markers: Not explicitly defined in the prompt templates.
  • Capability inventory: Shell command execution via the membrane CLI.
  • Sanitization: Not specified; the skill relies on the agent's built-in safety filters for processing external data.
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 01:12 PM