sendsms
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the official @membranehq/cli package from the NPM registry to interact with the Membrane platform.
- [COMMAND_EXECUTION]: Executes various shell commands using the membrane CLI to manage connections, authenticate users, and invoke SendSMS actions. This includes the creation of new actions via membrane action create, which is a core feature of the integration service.
- [PROMPT_INJECTION]: The skill processes external data from SMS messages and contacts, creating a potential ingestion surface for indirect prompt injection.
- Ingestion points: External data is received in the output field when running actions through the membrane CLI.
- Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided for the data processed by the agent.
- Capability inventory: The skill can execute commands and generate new logic through the membrane CLI toolset.
- Sanitization: There is no mention of sanitizing or escaping the data retrieved from external SendSMS sources.
Audit Metadata