google-my-business
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user/agent to install the Membrane CLI using the command
npm install -g @membranehq/cli@latest. This is a standard installation of the vendor's official tool. - [COMMAND_EXECUTION]: The skill provides various shell commands for the
membraneCLI to manage accounts, connections, and actions. These are legitimate operations within the scope of the skill's purpose to manage Google My Business data. - [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it retrieves data from external sources like Google My Business reviews and questions.
- Ingestion points: External data is ingested via
membrane action run(e.g.,list-answers,list-questions). - Boundary markers: None explicitly defined in the instructions for separating untrusted data from the system prompt.
- Capability inventory: The skill can execute CLI commands and run actions through the Membrane platform.
- Sanitization: Standard sanitization is expected to be handled by the underlying Membrane CLI and agent platform.
Audit Metadata