Skills
skills/membranedev/application-skills/acymailing/Gen Agent Trust Hub

acymailing

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from npm, which is the official command-line tool for the Membrane platform.
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the membrane CLI to manage connections and execute API actions, which is the primary intended behavior.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection attack surface (Category 8) because it processes data from an external API.
  • Ingestion points: Data is ingested via membrane action run and membrane request output.
  • Boundary markers: There are no explicit markers used to delimit or ignore instructions within the retrieved API data.
  • Capability inventory: The skill performs network operations and API interactions.
  • Sanitization: No explicit sanitization or filtering of API responses is defined.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 08:55 AM