shuttle
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the official npm registry. This package belongs to the skill author's organization and is a requirement for using the provided commands. - [COMMAND_EXECUTION]: The skill provides several shell commands for the
membraneCLI to manage authentication, list connections, and execute actions. These commands are typical for a CLI-based platform integration and operate within the context of the user's Membrane account. - [PROMPT_INJECTION]: The skill includes instructions for searching and creating actions using natural language inputs (
--intent,--description). While this represents a surface for indirect prompt injection, it is a documented feature of the platform's managed environment and is used here for legitimate discovery and automation purposes.
Audit Metadata