okra

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill specifies the installation of the @membranehq/cli package via npm, which is the official tool from the vendor for managing integrations.
  • [COMMAND_EXECUTION]: The agent is instructed to use the membrane command-line tool for authentication, connection management, and running API actions.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes data from external sources (the Okra API and the Membrane action registry).
      • Ingestion points: Output from membrane action list and membrane action run commands.
      • Boundary markers: The instructions lack explicit boundary markers or directives to ignore instructions that might be embedded in the retrieved data.
      • Capability inventory: The skill provides capabilities to execute shell commands and interact with external financial data.
      • Sanitization: No data sanitization or validation logic is specified for the content retrieved from external API calls.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 29, 2026, 01:44 AM