dingconnect

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli npm package. This is a vendor-owned resource used for authentication and interacting with the Membrane platform to manage the integration.
  • [COMMAND_EXECUTION]: The skill guides the agent to use the membrane command-line tool to perform setup, discover actions, and execute requests against the DingConnect API. These commands are localized to the Membrane environment and are used as intended for the skill's purpose.
  • [PROMPT_INJECTION]: The skill processes data from the DingConnect API, which represents a potential indirect prompt injection surface.
      • Ingestion points: API responses from membrane request and action schemas from membrane action list are read into the agent's context.
      • Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the documentation.
      • Capability inventory: The skill possesses the ability to execute shell commands via the membrane CLI and perform network requests through the Membrane proxy.
      • Sanitization: No explicit sanitization, validation, or escaping of external API data is mentioned in the skill instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 02:53 PM