Skills
skills/membranedev/application-skills/datatrails/Gen Agent Trust Hub

datatrails

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package globally from the NPM registry to enable interaction with the Membrane platform.
  • [COMMAND_EXECUTION]: The skill utilizes several subcommands of the membrane CLI tool, including login, search, connect, action, and request, to manage integrations and execute data operations.
  • [DATA_EXFILTRATION]: The skill provides the membrane request command which allows the agent to send data to external DataTrails API endpoints. This behavior is the intended primary purpose of the skill for data governance and logging.
  • [PROMPT_INJECTION]: As the skill ingests data from external DataTrails records and events, it possesses an attack surface for indirect prompt injection. However, this is a standard risk for integration skills and is mitigated by the platform's execution environment.
  • Ingestion points: Data entering via membrane action run and membrane request commands.
  • Boundary markers: Not explicitly defined in the instructions.
  • Capability inventory: Subprocess calls via the membrane CLI.
  • Sanitization: Relies on the underlying platform's handling of command-line arguments.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 05:57 AM