Skills
skills/membranedev/application-skills/uberduck/Gen Agent Trust Hub

uberduck

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the @membranehq/cli package from the official npm registry. This is a vendor-owned tool used to interface with the Membrane platform.
  • [COMMAND_EXECUTION]: Runs membrane CLI commands to perform authentication, service connection, and action execution.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from Uberduck, which enters the agent's context as untrusted input.
  • Ingestion points: Data returned from membrane action run calls.
  • Boundary markers: None explicitly defined in the skill instructions.
  • Capability inventory: Action discovery, creation, and execution via the membrane CLI.
  • Sanitization: Not specified in the instructions; relies on the agent's internal processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 09:39 PM