moonmail
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from the NPM registry. This is a vendor-provided tool necessary for the skill's functionality.
- [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to execute shell commands for user authentication, action discovery, and running integration tasks.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection due to its core function of processing external data. Ingestion points: The skill retrieves campaign, template, and report data from MoonMail via membrane action run commands. Boundary markers: There are no explicit instructions or delimiters provided to the agent to isolate and treat the external data as potentially untrusted content. Capability inventory: The agent can perform write operations such as creating or sending campaigns and can dynamically create new actions using the membrane action create command. Sanitization: The skill relies on the Membrane platform's internal logic and schema validation for data sanitization and safe API interaction.
Audit Metadata