Skills
skills/membranedev/application-skills/sendpulse/Gen Agent Trust Hub

sendpulse

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill utilizes the @membranehq/cli package, which is a vendor-owned tool for interacting with the Membrane platform. The installation process follows standard Node.js package management practices.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes external data from SendPulse.
  • Ingestion points: External data is retrieved and processed through membrane action run outputs.
  • Boundary markers: Absent. The instructions do not define clear delimiters for untrusted data.
  • Capability inventory: The skill allows the agent to run actions on the SendPulse platform, such as sending emails and managing campaigns.
  • Sanitization: Absent. The skill relies on the underlying platform for data handling and does not specify manual sanitization steps.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 08:13 PM