Skills
skills/membranedev/application-skills/riddle-quiz-maker/Gen Agent Trust Hub

riddle-quiz-maker

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package from the npm registry, which is the official tool provided by the vendor for this integration.
  • [COMMAND_EXECUTION]: The skill uses the membrane CLI tool to perform authentication and execute actions against the Riddle Quiz Maker API.
  • [PROMPT_INJECTION]: The skill processes data from an external API, creating a potential surface for indirect prompt injection.
  • Ingestion points: Results from membrane action run calls.
  • Boundary markers: None are explicitly defined in the instructions.
  • Capability inventory: Includes network access and shell command execution via the CLI.
  • Sanitization: No explicit sanitization of API data is mentioned in the logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 01:10 AM
Security Audit — agent-trust-hub — riddle-quiz-maker