qwilr
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill integrates with Qwilr, a document automation tool, via the Membrane platform. It follows standard integration practices for this environment.
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install the Membrane CLI (
@membranehq/cli) via npm. This is a vendor-owned tool required for the skill's operation. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI for platform operations such aslogin,connect, andaction run. These commands are used to interact with the vendor's service and are expected for this integration. - [DATA_EXPOSURE_AND_EXFILTRATION]: No evidence of sensitive data exposure or unauthorized exfiltration was found. The skill specifically advises letting Membrane handle credentials server-side to avoid local secret storage.
- [INDIRECT_PROMPT_INJECTION]: The skill includes an interface for creating actions based on natural language descriptions (
membrane action create "DESCRIPTION"). This constitutes a data ingestion surface where external input influences action generation. - Ingestion points: The
DESCRIPTIONparameter inmembrane action create. - Boundary markers: Not explicitly present in the command template.
- Capability inventory: Action creation and execution via the Membrane CLI.
- Sanitization: Handled server-side by the Membrane platform.
Audit Metadata