Skills
skills/membranedev/application-skills/zyte-api/Gen Agent Trust Hub

zyte-api

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the official Membrane CLI package (@membranehq/cli) from the npm registry to enable interaction with the Zyte API.
  • [COMMAND_EXECUTION]: Uses the membrane command-line interface to manage authentication, list connections, and run data extraction actions.
  • [PROMPT_INJECTION]: Identifies an indirect prompt injection surface where natural language intents or descriptions are passed to the CLI to discover or create actions.
  • Ingestion points: Command parameters for --intent in membrane action list and the DESCRIPTION argument in membrane action create.
  • Boundary markers: None explicitly defined in the instruction templates.
  • Capability inventory: The skill can create and execute actions that interact with external web services.
  • Sanitization: Input processing and validation are handled by the Membrane platform.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 03:19 PM
Security Audit — agent-trust-hub — zyte-api