Skills
skills/membranedev/application-skills/terraform/Gen Agent Trust Hub

terraform

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to manage connections and execute infrastructure actions. These commands are part of the intended integration logic for the Membrane platform.
  • [EXTERNAL_DOWNLOADS]: The instructions direct the installation of the @membranehq/cli package from the npm registry, which is an official tool provided by the skill author's organization.
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection (Category 8) by incorporating user-supplied intents and inputs into CLI arguments.
  • Ingestion points: The QUERY string in the --intent flag and JSON data in the --input flag within SKILL.md.
  • Boundary markers: None; input is interpolated directly into the command line strings.
  • Capability inventory: Execution of shell commands via the membrane CLI as described in SKILL.md.
  • Sanitization: No explicit sanitization or validation of the input strings is mentioned in the provided documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 06:48 PM