google-tasks
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions include the installation of the
@membranehq/clipackage via NPM. This is a trusted tool provided by the skill's author to manage the integration. It is used for standard setup and does not represent a security risk. - [COMMAND_EXECUTION]: The skill documentation describes using the
membraneCLI to authenticate, list connections, and execute actions. These operations are performed by the user to interact with the platform and are consistent with the skill's stated purpose. - [DATA_EXFILTRATION]: The skill uses a mediated connection model where credentials and API interactions are handled server-side by the Membrane platform. This approach minimizes the risk of local credential exposure and unauthorized data exfiltration.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface through its action discovery and creation features, which ingest natural language descriptions.
- Ingestion points: The
--intentandDESCRIPTIONparameters in themembrane action listandmembrane action createcommands (SKILL.md). - Boundary markers: Input parameters are wrapped in quotes within the CLI commands.
- Capability inventory: The skill can list, create, and execute Google Tasks operations such as creating or deleting tasks (SKILL.md).
- Sanitization: The platform is responsible for validating and interpreting the natural language intents before generating or executing corresponding actions.
Audit Metadata