token-metrics

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE

COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package globally via NPM. This is a vendor-provided tool required for the skill's operation.
  • [COMMAND_EXECUTION]: The skill uses shell commands (e.g., membrane action list, membrane action run) to interact with the Token Metrics API via the Membrane platform.
  • [CREDENTIALS_UNSAFE]: The skill explicitly instructs the agent to avoid asking users for secrets or API keys, instead utilizing the membrane connect command to handle authentication server-side.
  • [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by interpolating user-provided intent and descriptions into CLI commands.
      • Ingestion points: QUERY in membrane action list and DESCRIPTION in membrane action create (SKILL.md).
      • Boundary markers: Absent; user input is passed directly as command arguments.
      • Capability inventory: Shell command execution via the membrane CLI (SKILL.md).
      • Sanitization: Absent; no specific sanitization instructions are provided in the skill markdown.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 03:05 PM
Security Audit — agent-trust-hub — token-metrics