Skills
skills/membranedev/application-skills/octolis/Gen Agent Trust Hub

octolis

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from the npm registry, which is the official tool for the Membrane platform.
  • [COMMAND_EXECUTION]: The agent is instructed to use the membrane CLI for authentication, connection management, and executing data actions.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by retrieving and processing data from the Octolis API via the CLI.
  • Ingestion points: Data from the membrane action run and membrane action list commands is incorporated into the agent's context.
  • Boundary markers: No specific delimiters or instructions are provided to help the agent distinguish between data and instructions within the external output.
  • Capability inventory: The skill is capable of executing system commands via the CLI and installing global npm packages.
  • Sanitization: No evidence of sanitization or validation of the data retrieved from external actions is specified.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 06:08 PM