Skills
skills/membranedev/application-skills/bookboost-guest-messaging/Gen Agent Trust Hub

bookboost-guest-messaging

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes the @membranehq/cli package, which is the official command-line interface provided by the vendor (Membrane) to manage integrations and connections safely.
  • [PROMPT_INJECTION]: The skill is designed to handle messaging data from the Bookboost API, which represents a potential surface for indirect prompt injection.
  • Ingestion points: External messaging data is retrieved from the Bookboost API via membrane action run and membrane request commands.
  • Boundary markers: There are no explicit delimiters defined in the instructions to isolate external data from the agent's instructions.
  • Capability inventory: The skill provides the ability to read and write guest communication data through the authenticated Membrane platform.
  • Sanitization: Data processing safety relies on the platform's proxy handling and the language model's built-in safety guardrails.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 11:49 PM