Skills
skills/membranedev/application-skills/pagerduty/Gen Agent Trust Hub

pagerduty

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package via npm. This is a vendor-owned resource used for managing the integration.
  • [COMMAND_EXECUTION]: The skill relies on executing shell commands using the membrane CLI to list, create, and run actions against the PagerDuty API.
  • [DYNAMIC_EXECUTION]: The skill utilizes membrane action create, which generates new integration logic on the Membrane platform based on natural language descriptions. While this is a core platform feature, it involves dynamic generation of executable actions.
  • [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from PagerDuty (such as incident notes, descriptions, or user-provided summaries) and presents it to the agent.
  • Ingestion points: Data returned from PagerDuty via membrane action run and membrane action list commands (e.g., incident details, log entries).
  • Boundary markers: No specific delimiters or instructions are provided to the agent to treat external PagerDuty data as untrusted or to ignore embedded instructions.
  • Capability inventory: The agent has the capability to execute further shell commands, create new actions, and run existing actions based on the processed data.
  • Sanitization: There is no evidence of sanitization or filtering of the content retrieved from the PagerDuty API before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 09:29 PM