Skills
skills/membranedev/application-skills/papyrs/Gen Agent Trust Hub

papyrs

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the official @membranehq/cli package from npm. This tool is the authorized interface for the Membrane platform, as noted in the vendor's documentation.- [COMMAND_EXECUTION]: The skill executes membrane CLI commands to manage authentication and run integration tasks. These commands are the standard and expected method for interacting with the platform's features.- [PROMPT_INJECTION]: The skill ingests data from Papyrs pages, users, and forms, creating an indirect prompt injection surface.
  • Ingestion points: Retrieval of action schemas and execution results from Papyrs via the membrane CLI as documented in SKILL.md.
  • Boundary markers: No specific boundary markers or instructions for the agent to disregard potential instructions within the Papyrs data are provided.
  • Capability inventory: The skill can execute actions and dynamically create new ones using the membrane action run and membrane action create commands.
  • Sanitization: The instructions do not define any explicit sanitization or validation of the data retrieved from Papyrs before it is consumed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 09:13 PM
Security Audit — agent-trust-hub — papyrs