webmerge

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the official NPM registry. This is a legitimate vendor tool provided by the Membrane platform for service integration.
  • [COMMAND_EXECUTION]: The skill uses the membrane CLI for platform-related tasks including login, connection management, and running actions. These are standard operations for the tool's intended use.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection (Category 8) due to how it handles external data.
    1. Ingestion points: Output from membrane action run and membrane action list in SKILL.md.
    2. Boundary markers: The skill does not specify markers or explicit ignore-instructions for the agent when processing retrieved action data.
    3. Capability inventory: The skill has the capability to run actions and create new ones based on descriptions via the membrane CLI.
    4. Sanitization: No sanitization of output from WebMerge actions is mentioned or implemented in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 06:55 PM
Security Audit — agent-trust-hub — webmerge