Skills
skills/membranedev/application-skills/cisco-webex/Gen Agent Trust Hub

cisco-webex

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the membrane CLI to interact with Cisco Webex services, including running actions and manual API requests.
  • [EXTERNAL_DOWNLOADS]: The instructions direct users to install the @membranehq/cli package from the global npm registry. This is the official CLI for the platform and is provided by the skill author.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes data from external sources such as Webex messages and meeting descriptions. Ingestion points: Data enters the context through actions like list-messages, get-message, and list-meetings in SKILL.md. Boundary markers: None are defined to separate untrusted content from agent instructions. Capability inventory: The skill has the ability to execute shell commands via the membrane tool as documented in SKILL.md. Sanitization: There is no evidence of sanitization or filtering for the retrieved data before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 10:02 PM