customgpt

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the Membrane CLI tool globally using npm install -g @membranehq/cli. This is a standard installation for the vendor's official command-line interface.
  • [COMMAND_EXECUTION]: Uses the membrane CLI to perform operations such as logging in, connecting to services, and executing actions. These commands are restricted to the functionality provided by the Membrane platform.
  • [DATA_EXFILTRATION]: Facilitates communication with the CustomGPT API via the membrane request command. This is the primary intended purpose of the skill and uses Membrane's proxy to handle credentials securely.
  • [PROMPT_INJECTION]: The skill includes an attack surface for indirect prompt injection as it retrieves data (e.g., page content, conversation history) from CustomGPT that may contain untrusted instructions.
      • Ingestion points: membrane action run and membrane request commands retrieve external data from CustomGPT.
      • Boundary markers: None present in the skill instructions.
      • Capability inventory: The skill can execute shell commands via the membrane CLI and write to the CustomGPT API.
      • Sanitization: No explicit sanitization or filtering of retrieved data is described in the instructions.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 24, 2026, 01:59 PM