Skills
skills/membranedev/application-skills/keysender/Gen Agent Trust Hub

keysender

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the npm registry. This is a vendor-owned resource required to manage connections and execute actions within the Membrane ecosystem.
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands using the membrane CLI, including login, connect, and action run. These commands are used to orchestrate the integration between the agent and the Keysender service.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external data from the Keysender service.
  • Ingestion points: Data retrieved from action results and intent-based action searches as described in SKILL.md.
  • Boundary markers: Not present; the instructions do not specify the use of delimiters when handling external content.
  • Capability inventory: The skill provides capabilities to run and create actions through the membrane CLI in SKILL.md.
  • Sanitization: There is no mention of sanitization or filtering of data received from external sources before it reaches the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 12:51 PM