1msg
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill suggests the installation of the @membranehq/cli package, which is an official tool maintained by the vendor.\n- [COMMAND_EXECUTION]: The integration relies on the membrane CLI to manage authentication and execute actions against the 1msg platform.\n- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it retrieves and processes external message data from 1msg.\n
- Ingestion points: External content is ingested through actions like get-messages and get-profile-info defined in SKILL.md.\n
- Boundary markers: The skill does not define specific delimiters or instructions to ignore instructions within the retrieved message content.\n
- Capability inventory: The skill can execute actions and proxy requests which could be influenced by the interpretation of external data.\n
- Sanitization: There is no evidence of sanitization or validation performed on the external message content before processing.
Audit Metadata