placetel
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage via npm. This is a documented dependency provided by the skill vendor (Membrane) to facilitate service integration. - [COMMAND_EXECUTION]: The skill utilizes the
membranecommand-line tool to manage connections and execute actions. These operations are restricted to the functionality provided by the Membrane platform and do not involve arbitrary shell execution. - [PROMPT_INJECTION]: The skill processes external data from Placetel via
membrane action run. This creates an indirect prompt injection surface as the agent may ingest untrusted content from the phone system. - Ingestion points: Output from
membrane action runin SKILL.md. - Boundary markers: Not present; the instructions do not specify delimiters for external data.
- Capability inventory: Command execution through the
membraneCLI and connection management. - Sanitization: Not present; the skill relies on the agent's default handling of tool outputs.
- [CREDENTIALS_UNSAFE]: The skill explicitly instructs the agent to avoid asking for user credentials (API keys or tokens), directing users toward Membrane's server-side connection management, which is a positive security practice.
Audit Metadata