webinarfuel
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the public NPM registry. This is a legitimate utility provided by the vendor (Membrane) to facilitate platform integrations. - [COMMAND_EXECUTION]: The skill relies on shell commands to interact with the Membrane platform. These commands handle authentication (
membrane login), connection management (membrane connect), and task execution (membrane action run). Authentication is handled via a secure OAuth-style flow or headless authorization codes, avoiding the storage of local secrets. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8). It retrieves action names, descriptions, and schemas from the external Membrane registry via
membrane action list. This data is used to inform the agent's subsequent tool selection and execution. There are no explicit boundary markers or sanitization steps mentioned in the skill instructions to distinguish these external schemas from the core system instructions.
Audit Metadata