qadeputy

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the Membrane CLI tool from the public npm registry to facilitate communication with the QADeputy API.
      • Evidence: npm install -g @membranehq/cli@latest
  • [COMMAND_EXECUTION]: The skill runs several shell commands via the membrane CLI for authentication, connection management, and executing actions within the QADeputy environment.
      • Evidence: Commands such as membrane login, membrane connect, and membrane action run are used to interface with the platform.
  • [DATA_EXFILTRATION]: No evidence of unauthorized data exfiltration was found. The skill explicitly instructs the agent to avoid asking for user secrets (API keys/tokens), favoring Membrane's secure connection management, which keeps credentials on the server side.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface, as it ingests and processes data from the external QADeputy API, which could theoretically contain malicious instructions.
      • Ingestion points: Output from membrane action run (SKILL.md).
      • Boundary markers: Absent; the skill does not explicitly define delimiters for external data.
      • Capability inventory: Subprocess execution via membrane CLI across multiple commands (SKILL.md).
      • Sanitization: No explicit sanitization or validation of the external API response is documented.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 05:17 PM