Skills
skills/membranedev/application-skills/calendarhero/Gen Agent Trust Hub

calendarhero

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the official @membranehq/cli tool via NPM to facilitate interaction with the Membrane platform.
  • [COMMAND_EXECUTION]: Uses the membrane command-line tool to perform login, connection, and action execution tasks.
  • [DATA_EXFILTRATION]: Conducts necessary network communication with getmembrane.com and calendarhero.com to synchronize meeting and contact data.
  • [PROMPT_INJECTION]: The skill processes external data from CalendarHero, presenting a surface for indirect prompt injection. Ingestion points: Data returned from the membrane action run command (e.g., meeting and contact details). Boundary markers: No specific delimiters or warnings are used to isolate external data from agent instructions. Capability inventory: The agent can execute CLI commands and manage connections through the Membrane platform. Sanitization: No explicit content sanitization or validation logic is defined.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 08:22 PM