Skills
skills/membranedev/application-skills/logit-io/Gen Agent Trust Hub

logit-io

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from the npm registry. This is an official CLI tool provided by the skill's author (Membrane) to facilitate authentication and API interactions.
  • [COMMAND_EXECUTION]: The instructions involve executing various membrane CLI commands to manage authentication (membrane login), create connections (membrane connect), and execute integration logic (membrane action run). These commands are standard for the tool's intended use.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process log data, metrics, and security records from Logit.io. This creates a surface for indirect prompt injection if malicious instructions are embedded within the external logs and subsequently processed by the agent.
  • Ingestion points: External data and log records retrieved from Logit.io via the membrane CLI (SKILL.md).
  • Boundary markers: No specific delimiters or boundary markers for external content are defined in the instructions.
  • Capability inventory: The skill has capabilities for network operations and process execution via the membrane CLI (SKILL.md).
  • Sanitization: No explicit sanitization or validation steps for ingested log content are mentioned in the skill definition.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 06:50 PM
Security Audit — agent-trust-hub — logit-io