blockstack
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the NPM registry. This is the official command-line tool provided by the skill author for platform integration. - [COMMAND_EXECUTION]: The skill executes various commands using the
membraneCLI to handle authentication, manage service connections, and run actions. - [PROMPT_INJECTION]: The skill processes data from the Membrane API, representing a potential surface for indirect instructions. Ingestion points: Data from
membrane action listandmembrane action run(found in SKILL.md). Boundary markers: Absent. Capability inventory: Execution ofmembraneCLI commands (found in SKILL.md). Sanitization: No explicit sanitization of external data is performed before processing.
Audit Metadata