Skills
skills/membranedev/application-skills/swoogo/Gen Agent Trust Hub

swoogo

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package from the official NPM registry. This tool is provided by the vendor to manage integrations.
  • [COMMAND_EXECUTION]: The skill uses shell commands to interact with the Membrane CLI for logging in, creating connections, and executing actions on the Swoogo platform.
  • [PROMPT_INJECTION]: The skill processes data from external Swoogo events which represents a potential surface for indirect prompt injection if the ingested data contains malicious instructions.
  • Ingestion points: Data returned from membrane action run commands in SKILL.md.
  • Boundary markers: Not specified in the skill instructions.
  • Capability inventory: The agent can create and execute actions via the CLI as described in SKILL.md.
  • Sanitization: No explicit sanitization or validation of the ingested data is described in the skill body.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 12:38 PM
Security Audit — agent-trust-hub — swoogo