txt-werk

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the @membranehq/cli package from the NPM registry. This is the official CLI tool provided by the vendor (Membrane) to manage service connections and execute actions.
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI for authentication, action discovery, and execution. These operations are restricted to the scope of the Membrane platform and the connected TXT Werk account.
  • [CREDENTIALS_UNSAFE]: The skill follows security best practices for credential management. It explicitly instructs the user to let the Membrane platform handle the OAuth lifecycle and advises against asking users for API keys or secrets.
  • [INDIRECT_PROMPT_INJECTION]: The skill provides an interface to process and manipulate data from TXT Werk, which constitutes a potential surface for indirect prompt injection if malicious content is stored in the SaaS records.
      • Ingestion points: Data enters the agent's context through the output of the "membrane action run" and "membrane action list" commands.
      • Boundary markers: No specific delimiters or instructions to ignore embedded commands are provided in the current prompt templates.
      • Capability inventory: The skill has the capability to execute API actions and CLI commands via the membrane tool.
      • Sanitization: The skill does not describe any specific sanitization or filtering of the content retrieved from the external service before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 30, 2026, 12:51 PM
Security Audit — agent-trust-hub — txt-werk