newslit
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the `@membranehq/cli` package from the NPM registry and recommends using `npx` to discover actions. These resources are part of the vendor's official ecosystem on a well-known registry.
- [COMMAND_EXECUTION]: The instructions guide the agent to perform shell commands using the `membrane` CLI for authentication, connection management, and running actions. These operations are required for the primary functionality of the skill.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface as it is designed to retrieve and process news articles from the web. Maliciously crafted articles could attempt to influence the agent's behavior via embedded instructions.
  - Ingestion points: News article data and search results retrieved via the `membrane action run` command in `SKILL.md`.
  - Boundary markers: Not present; the instructions do not implement specific delimiters or 'ignore' instructions for the external content.
  - Capability inventory: The skill uses the CLI to execute actions (`action run`) and dynamically create new logic (`action create`) as seen in `SKILL.md`.
  - Sanitization: No explicit validation or filtering of article content is documented.
Audit Metadata