Skills
skills/membranedev/application-skills/newsletter/Gen Agent Trust Hub

newsletter

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires installing the @membranehq/cli package globally via NPM. This tool is an official resource provided by the vendor to interface with the Membrane platform.
  • [COMMAND_EXECUTION]: Executes shell commands using the membrane CLI to manage connections and run actions related to newsletter services.
  • [DATA_EXFILTRATION]: Employs a secure authentication flow (membrane login) where credentials are managed server-side, preventing the agent from needing to store or handle sensitive API keys directly.
  • [PROMPT_INJECTION]: The skill accepts natural language strings for intent-based searching and dynamic action creation, which presents a surface for indirect prompt injection if processed data is untrusted. Ingestion points: --intent and action create parameters in SKILL.md. Boundary markers: None present. Capability inventory: Ability to execute platform actions via the CLI. Sanitization: Not explicitly defined in instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 10:37 PM