Skills
skills/membranedev/application-skills/tripetto/Gen Agent Trust Hub

tripetto

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the official @membranehq/cli package from the NPM registry. This is a trusted vendor resource for platform interaction.
  • [COMMAND_EXECUTION]: Uses the membrane CLI for managing connections and executing actions. These commands are standard for the skill's functionality.
  • [PROMPT_INJECTION]: Indirect injection risk surface exists through data returned from Tripetto actions. Ingestion point: membrane action run output. Boundary markers: None. Capabilities: CLI execution for action management. Sanitization: None. This is a standard risk for data-processing skills.
  • [CREDENTIALS_UNSAFE]: The skill avoids local secret exposure by using Membrane's managed connection system instead of handling user secrets directly.
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 01:42 AM