sidekick-ai
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the `@membranehq/cli` package from npm. This is a known tool provided by the vendor (Membrane) to facilitate platform integrations.
- [COMMAND_EXECUTION]: The instructions direct the agent to execute various shell commands using the `membrane` CLI, such as `membrane login`, `membrane connect`, and `membrane action run`. These commands are standard for the tool's operation and are used to interact with the Sidekick AI service.
- [DATA_EXFILTRATION]: While the skill accesses meeting data and contacts from Sidekick AI, this data is processed through the Membrane platform as part of the intended functionality. The skill explicitly advises against asking the user for API keys, reducing the risk of credential exposure.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided descriptions to find or create actions (e.g., `membrane action list --intent "QUERY"`). It also ingests data returned from the Sidekick AI API. While this represents a surface for instructions embedded in external data, the risk is mitigated by the scoped nature of the integration and the use of the Membrane intermediary.
Audit Metadata