Skills
skills/membranedev/application-skills/sendbird/Gen Agent Trust Hub

sendbird

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from the npm registry, which is the official CLI tool for the Membrane platform.
  • [COMMAND_EXECUTION]: The skill uses the membrane CLI to perform actions such as logging in, connecting services, and running specific tasks.
  • [REMOTE_CODE_EXECUTION]: The membrane action create command enables the dynamic generation of actions on the Membrane platform, which are subsequently managed and executed via the CLI.
  • [PROMPT_INJECTION]: The skill processes natural language input via the intent and description parameters in SKILL.md. This input influences action selection and creation. While quotes are used as boundary markers in examples, the absence of explicit sanitization for these parameters poses a surface for indirect prompt injection, particularly as the agent can execute these actions using the membrane action run capability.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 11:22 PM
Security Audit — agent-trust-hub — sendbird