phoneburner
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the
@membranehq/clipackage from the official NPM registry to provide the necessary command-line tools for interacting with the Membrane platform. - [COMMAND_EXECUTION]: Executes shell commands via the
membraneCLI to perform authentication, create connections to PhoneBurner, and run API actions. - [PROMPT_INJECTION]: The skill uses natural language intents as parameters for CLI commands, which represents a surface for indirect prompt injection if the inputs are derived from untrusted sources.
- Ingestion points: Untrusted data may enter the agent context through the
--intentparameter in themembrane action listcommand and theDESCRIPTIONparameter inmembrane action create(SKILL.md). - Boundary markers: None present; parameters are interpolated directly into shell command templates.
- Capability inventory: The skill allows searching for, creating, and executing arbitrary API actions via
membrane action runandmembrane action create(SKILL.md). - Sanitization: No specific sanitization or validation of the input query strings is described in the skill instructions.
Audit Metadata