asana

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli package from the official NPM registry, which is the legitimate command-line interface provided by the vendor for platform interaction.
  • [COMMAND_EXECUTION]: Employs the Membrane CLI to perform Asana operations such as listing tasks, creating projects, and running actions.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted data from Asana tasks and projects.
      • Ingestion points: External data enters the context through actions like list-tasks, get-task, and list-project-tasks as documented in SKILL.md.
      • Boundary markers: None identified; external content is processed without specific delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill can execute state-changing actions via membrane action run, including task and project creation, updates, and deletion.
      • Sanitization: No explicit sanitization or validation of external content is present in the skill instructions.
  • [SAFE]: The skill promotes secure practices by utilizing Membrane's managed connection system for authentication, ensuring that no API keys or tokens are handled or requested locally.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 02:35 PM