Skills
skills/membranedev/application-skills/visitor-queue/Gen Agent Trust Hub

visitor-queue

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official @membranehq/cli package from the npm registry. This is a trusted vendor tool required for the skill's functionality.
  • [COMMAND_EXECUTION]: Uses the membrane CLI to manage connections and execute actions. These commands are within the scope of the skill's primary purpose and do not perform unauthorized system modifications.
  • [CREDENTIALS_UNSAFE]: No hardcoded secrets or API keys are present. The skill correctly leverages the CLI's server-side authentication management to avoid exposing sensitive tokens in local scripts or prompts.
  • [PROMPT_INJECTION]: The skill handles natural language input through structured CLI arguments (e.g., --intent "QUERY"). While this introduces a surface for indirect prompt injection, it is considered a low risk within the platform's execution environment.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 05:06 PM
Security Audit — agent-trust-hub — visitor-queue