mason

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the membrane CLI tool to perform various integration tasks, such as managing connections, searching for actions, and executing them.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the official npm registry. This package is maintained by the vendor and is used as the primary interface for the skill's functionality.
  • [DATA_EXFILTRATION]: The skill follows security best practices by using the Membrane platform's connection management to handle authentication. It explicitly avoids asking the user for sensitive API keys or tokens, managing the authentication lifecycle server-side instead.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it retrieves data from external sources (Mason actions) which could contain malicious instructions.
      • Ingestion points: Data returned by the membrane action list and membrane action run commands, which originate from the external Mason platform.
      • Boundary markers: There are no specific delimiters or instructions provided to the agent to distinguish between the retrieved data and its own instructions, nor to ignore any potential commands embedded within that data.
      • Capability inventory: The agent has the ability to execute further commands via the membrane CLI, including creating new actions (membrane action create) and running them with user-supplied or data-driven parameters.
      • Sanitization: No explicit sanitization, validation, or filtering of the content retrieved from Mason is documented before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 09:23 PM