Skills
skills/membranedev/application-skills/tune/Gen Agent Trust Hub

tune

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from npm. This is a standard and expected dependency provided by the vendor (Membrane) to enable communication with their platform.
  • [COMMAND_EXECUTION]: The instructions utilize the membrane CLI to perform various tasks such as logging in, connecting to TUNE, and running actions. These commands are the intended way to use the skill and do not involve unauthorized privilege escalation or malicious persistence.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it ingests data from external TUNE actions and processes natural language intents.
  • Ingestion points: Data enters the context via the results of membrane action list and membrane action run commands, as described in SKILL.md.
  • Boundary markers: The instructions do not specify any delimiters or special handling to separate external data from system instructions.
  • Capability inventory: The skill uses the membrane CLI to execute actions and manage service connections.
  • Sanitization: No evidence of output sanitization or validation of data retrieved from the TUNE API is provided.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 03:19 AM
Security Audit — agent-trust-hub — tune