Skills
skills/membranedev/application-skills/proworkflow/Gen Agent Trust Hub

proworkflow

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package from the npm registry to enable interaction with the Membrane platform. This is a vendor-provided tool required for the skill's operation.
  • [COMMAND_EXECUTION]: Instructs the agent to use CLI commands for authentication, action discovery, and running ProWorkflow operations. These commands are part of the intended functionality for managing project data.
  • [PROMPT_INJECTION]: The skill processes data from ProWorkflow which could contain indirect instructions. 1. Ingestion points: Data retrieved from ProWorkflow actions via the membrane action run command. 2. Boundary markers: Not explicitly defined in the instructions. 3. Capability inventory: Subprocess calls to the membrane CLI for reading and writing ProWorkflow data, and creating new actions. 4. Sanitization: Not explicitly mentioned in the provided skill content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 10:53 PM