ns1

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the official membrane CLI tool to execute actions, manage connections, and handle NS1 resources.
  • [EXTERNAL_DOWNLOADS]: The instructions include downloading the @membranehq/cli package from the public npm registry, which is the official tool provided by the vendor.
  • [PROMPT_INJECTION]: A surface for indirect prompt injection exists in SKILL.md. Untrusted data enters the agent context via the intent parameter in the action list command and the input JSON in the action run command. While these are necessary for the skill's functionality, no explicit boundary markers or sanitization procedures are defined to mitigate malicious instructions embedded in these user-controlled inputs.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 05:38 PM