Skills
skills/membranedev/application-skills/sms-partner/Gen Agent Trust Hub

sms-partner

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package globally via NPM. This is a vendor-owned resource from the skill author (membranedev / membranehq) used to interact with the Membrane platform.
  • [COMMAND_EXECUTION]: The skill relies on executing various shell commands using the membrane CLI tool to log in, connect to services, and run actions. These are standard operations for the tool's intended purpose.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes data from an external source (SMS Partner messages).
  • Ingestion points: Data enters the agent context through the output of membrane action run (e.g., reading SMS messages or conversation history).
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the provided documentation.
  • Capability inventory: The skill has the capability to execute shell commands via the membrane CLI and create new actions on the platform.
  • Sanitization: There is no evidence of sanitization or filtering for the external content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 09:11 AM