dock-certs
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally from the official NPM registry to enable interaction with the platform. - [COMMAND_EXECUTION]: The skill uses various shell commands to interact with the
membraneCLI tool, includinglogin,search,connect, andaction run. These commands facilitate authentication and execution of predefined API actions. - [DATA_EXFILTRATION]: The skill performs network operations via the Membrane platform's proxy. This is a core part of its functionality as an integration tool and is used to communicate with the Dock Certs API securely without exposing raw authentication tokens in the skill logic.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes external data.
- Ingestion points: Responses from the Dock Certs API via
membrane action runormembrane requestcommands (SKILL.md). - Boundary markers: No explicit delimiters are used in the provided instructions to isolate external data from the agent's logic.
- Capability inventory: The skill has the ability to execute shell commands (
membraneCLI) and perform network requests (SKILL.md). - Sanitization: Sanitization is handled by the underlying Membrane platform and CLI tool.
Audit Metadata