10duke
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the
membraneCLI for all operations, including authentication, connection management, and running 10Duke actions. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from npm. This is a legitimate utility provided by the skill's author (Membrane) to facilitate platform integration. - [DATA_EXFILTRATION]: The skill follows security best practices by instructing the agent to never request or store raw API keys, instead using Membrane's server-side authentication flows.
- [PROMPT_INJECTION]: The skill interacts with external 10Duke data which is subsequently processed by the agent, representing a potential indirect prompt injection surface.
- Ingestion points: Data returned from
membrane action runandmembrane action listis ingested into the agent's context from the SKILL.md file. - Boundary markers: The instructions do not specify the use of delimiters to wrap or isolate the external data.
- Capability inventory: The agent has the ability to execute shell commands via the Membrane CLI as defined in SKILL.md.
- Sanitization: There are no explicit instructions for sanitizing or validating the data retrieved from 10Duke before it is processed.
Audit Metadata