n8nio
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or data exfiltration detected. The skill correctly identifies Membrane as the authentication handler, avoiding the need for users to provide sensitive API keys directly.
- [EXTERNAL_DOWNLOADS]: Installs the official @membranehq/cli from the NPM registry; this is a legitimate vendor resource used for interacting with the Membrane platform.
- [COMMAND_EXECUTION]: Executes shell commands via the Membrane CLI to perform workflow management and automation tasks as part of its primary functionality.
- [PROMPT_INJECTION]: This skill has an indirect prompt injection surface where untrusted data (user intent or parameters) is ingested via command arguments in SKILL.md. Ingestion points: natural language queries in 'membrane action list' and 'membrane action create', and input JSON in 'membrane action run'. Boundary markers: absent. Capability inventory: shell execution via CLI and package installation. Sanitization: absent. This is a common pattern in automation skills and is considered safe in this context.
Audit Metadata