Skills
skills/membranedev/application-skills/talenox/Gen Agent Trust Hub

talenox

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the npm registry, which is a standard procedure for this vendor's ecosystem.
  • [COMMAND_EXECUTION]: The instructions involve executing various membrane CLI commands to authenticate, discover actions, and interact with the Talenox API.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted data from the Talenox API (employee profiles, reports, etc.).
  • Ingestion points: API responses from membrane action run and membrane request.
  • Boundary markers: Absent from the instructions.
  • Capability inventory: The agent has the ability to execute shell commands via the CLI and perform network requests.
  • Sanitization: No explicit sanitization or validation of the ingested API data is described.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 11:50 PM