groovehq

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from npm. This is a legitimate tool provided by the skill's author (membranedev) to facilitate the integration.
  • [COMMAND_EXECUTION]: The skill uses the membrane command-line interface to perform actions such as logging in, connecting to services, and executing API tasks. These commands are part of the intended functionality and are executed within the context of the vendor's ecosystem.
  • [DATA_EXFILTRATION]: The skill explicitly advises against asking users for API keys or tokens, directing them to use a managed connection instead. This is a security best practice that reduces the risk of credential exposure.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external sources (GrooveHQ tickets, customers, and messages).
      • Ingestion points: Data enters the agent context through commands like membrane action run (e.g., listing tickets or messages).
      • Boundary markers: None explicitly defined in the prompt instructions.
      • Capability inventory: The agent can execute CLI commands and dynamically create new actions using membrane action create.
      • Sanitization: No specific sanitization or escaping instructions are provided for the content retrieved from GrooveHQ. This represents a standard surface for indirect prompt injection, though it is consistent with the skill's primary purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 07:38 PM