mercado-libre
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the vendor's official CLI tool (`@membranehq/cli`) for all operations. Installations from the official NPM registry for a recognized vendor are considered standard and safe practices.
- [DATA_EXPOSURE]: The skill instructions explicitly direct users and agents away from handling raw API keys or tokens, instead using a connection-based model where authentication is handled securely by the vendor's infrastructure.
- [INDIRECT_PROMPT_INJECTION]: Several commands allow for natural language input (e.g., `--intent "QUERY"` or `action create "DESCRIPTION"`). While these are ingestion points for potentially untrusted data, the impact is restricted to the search and creation of actions within the vendor's platform, which is the primary intended purpose of the skill.
Audit Metadata