scopemaster

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires installing the '@membranehq/cli' package globally via npm, which is the official tool from the skill's author.
  • [COMMAND_EXECUTION]: It uses the 'membrane' command-line interface to manage authentication, list service connections, and execute actions.
  • [REMOTE_CODE_EXECUTION]: The skill uses 'membrane action run' and 'membrane action create' to execute logic on the Membrane remote platform, which is the intended primary use case for this integration.
  • [PROMPT_INJECTION]: The skill processes untrusted data (user stories, requirements) ingested from ScopeMaster, creating a surface for indirect prompt injection.
      1. Ingestion points: Data retrieved via 'membrane action run' and 'action list' from the ScopeMaster service.
      2. Boundary markers: No explicit delimiters or instructions are used to isolate this external content from the agent's core logic.
      3. Capability inventory: The skill can execute platform actions, create new logic, and manage service connections via the CLI.
      4. Sanitization: No evidence of sanitization or filtering of incoming requirements data is present in the skill instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 30, 2026, 08:12 PM