Skills
skills/membranedev/application-skills/celoxis/Gen Agent Trust Hub

celoxis

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Recommends installing the @membranehq/cli package from the NPM registry. This is the official tool provided by the vendor to facilitate secure authentication and API communication.
  • [COMMAND_EXECUTION]: Utilizes the membrane CLI to perform operations like project listing, task creation, and direct API requests. These commands are necessary for the skill's functionality and are executed in the user's local environment.
  • [PROMPT_INJECTION]: The skill processes external data from Celoxis, creating a surface for potential indirect prompt injection.
  • Ingestion points: Project, task, and user data retrieved from the Celoxis API via membrane commands in SKILL.md.
  • Boundary markers: Explicit delimiters for external content are not defined in the instructions.
  • Capability inventory: Command execution capabilities are provided through the membrane CLI for managing data and workflows.
  • Sanitization: The skill relies on Membrane's structured action schemas, but does not specify additional sanitization for raw API responses.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 10:17 PM