overledger
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This package is an official tool provided by the vendor (membranedev) to interact with their platform. - [COMMAND_EXECUTION]: The skill facilitates the execution of shell commands through the
membraneCLI. These commands are used for user authentication, connecting to Overledger, searching for actions, and running integration logic. - [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes natural language inputs to discover or generate functional actions.
- Ingestion points: Untrusted data enters the context via the
--intentparameter inmembrane action listand theDESCRIPTIONpositional argument inmembrane action create(SKILL.md). - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the command examples.
- Capability inventory: The skill allows the execution of arbitrary actions (
membrane action run) and the creation of new server-side logic (membrane action create). - Sanitization: There is no client-side sanitization or validation of the input strings documented within the skill; sanitization is assumed to be handled by the Membrane platform server-side.
Audit Metadata