phonecom
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli package from the official npm registry to facilitate platform interactions.
- [COMMAND_EXECUTION]: Uses the membrane CLI to perform operations such as authentication, action discovery, and execution.
- [PROMPT_INJECTION]: The skill ingests untrusted data through the intent and description parameters in the membrane action list and create commands in SKILL.md. While this is an intended feature of the Membrane platform, it creates a surface for indirect instructions to influence generated actions. Boundary markers and sanitization are not explicitly defined in the provided instructions, and the agent can execute the resulting actions via membrane action run.
Audit Metadata