heysummit

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted data from the HeySummit API (e.g., attendee details, talk descriptions) which could contain malicious instructions.
      • Ingestion points: HeySummit API via list-talks, get-attendee, and other read actions.
      • Boundary markers: None identified in the provided instructions.
      • Capability inventory: Execution of shell commands via the membrane CLI, including creating and running new actions.
      • Sanitization: No explicit sanitization of external content is mentioned.
  • [EXTERNAL_DOWNLOADS]: The instructions include a command to install @membranehq/cli from the official npm registry. This is a vendor-owned resource used to facilitate the integration.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands through the membrane CLI to manage connections and execute actions. These commands are part of the core functionality of the skill.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 09:12 AM