Skills
skills/membranedev/application-skills/contractbook/Gen Agent Trust Hub

contractbook

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli global package from the NPM registry. This is the official tool used to facilitate communication with the Membrane platform and is consistent with the skill author's infrastructure.
  • [COMMAND_EXECUTION]: The skill executes various membrane CLI commands to perform authentication (membrane login), connection management (membrane connect), and API interactions (membrane action run, membrane request). These are necessary for the skill's primary functionality.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes data retrieved from the Contractbook API.
  • Ingestion points: External contract data, templates, and records enter the agent context via the output of membrane action run and membrane request commands.
  • Boundary markers: The instructions do not specify the use of delimiters or specific XML tags to isolate retrieved data from agent instructions.
  • Capability inventory: The skill utilizes subprocess execution for the membrane CLI and provides tools for performing network requests through the Membrane proxy.
  • Sanitization: No explicit validation or escaping of the retrieved API data is defined within the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 10:52 PM