Skills
skills/membranedev/application-skills/clickup/Gen Agent Trust Hub

clickup

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the Membrane CLI tool (@membranehq/cli) from the official npm registry to facilitate communication with the Membrane platform.
  • [COMMAND_EXECUTION]: The skill employs shell commands via the membrane CLI for managing connections, searching for available ClickUp actions, and executing project management tasks.
  • [PROMPT_INJECTION]: The skill processes external data from ClickUp (tasks, folders, comments), which constitutes a surface for indirect prompt injection attacks.
  • Ingestion points: Data retrieved from ClickUp via actions like list-tasks, get-task, and list-task-comments.
  • Boundary markers: Not explicitly defined in the provided instructions to isolate external content.
  • Capability inventory: Includes the ability to search for, create, and run arbitrary actions within the connected ClickUp environment using membrane action run and membrane action create.
  • Sanitization: The instructions do not specify any validation or sanitization steps for the data retrieved from the external API.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 11:50 PM