agora
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install
@membranehq/clifrom the npm registry, which is the official tool provided by the vendor. - [COMMAND_EXECUTION]: Uses the
membraneCLI to manage connections and execute API actions, which involves running shell commands on the host system to interact with the Membrane platform. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it retrieves meeting transcripts and participant data from the Agora platform. \n
- Ingestion points: Data retrieved through
membrane action runandmembrane requestas described in SKILL.md. \n - Boundary markers: Not present in the instructions. \n
- Capability inventory: Shell command execution via the
membraneCLI as described in SKILL.md. \n - Sanitization: Not explicitly mentioned in the skill instructions; relies on the agent's core safety guardrails.
Audit Metadata