assertible
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the official npm registry. This is a legitimate tool provided by the vendor (Membrane) to manage workflows and authentication. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it retrieves and processes data from the Assertible API.
- Ingestion points: Data returned from
membrane action runandmembrane requestcommands in SKILL.md. - Boundary markers: None; API responses are incorporated into the agent's context without specific delimiters.
- Capability inventory: The skill can execute shell commands via the
membraneCLI and perform network operations through the Membrane proxy. - Sanitization: No specific filtering or validation of the external API content is defined.
Audit Metadata