ploi

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Membrane CLI (@membranehq/cli) to interact with the Ploi API. Commands like membrane action run and membrane connect are standard for this platform's workflow.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the official NPM registry. This is a legitimate tool provided by the skill's author for infrastructure management.
  • [DATA_EXFILTRATION]: No data exfiltration patterns were detected. The instructions explicitly advise against requesting API keys from users, recommending instead that authentication be handled through Membrane's secure connection system.
  • [PROMPT_INJECTION]: The instructions do not contain any attempts to bypass safety filters or override agent behavior. The language is purely instructional and focused on the stated integration purpose.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data returned from external Ploi actions through the Membrane CLI. While this is a theoretical attack surface for untrusted data ingestion (Category 8), it is consistent with the primary purpose of an integration skill and does not add high-risk local capabilities that would raise the threat level.
    • Ingestion points: Data enters the agent's context via the output of membrane action run commands.
    • Boundary markers: None are explicitly defined in the provided markdown instructions.
    • Capability inventory: The agent uses shell execution to run the membrane CLI tools.
    • Sanitization: No sanitization logic is described for the data returned from external actions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 06:48 PM