docsgenflow
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli package globally to facilitate interaction with the Membrane platform.
- [COMMAND_EXECUTION]: Executes several shell commands via the membrane CLI for operations such as logging in, listing connections, and running document actions.
- [SAFE]: Implements secure credential management by utilizing the Membrane connection system, explicitly advising against asking users for secrets or tokens.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its ability to ingest and process content from DocsGenFlow documents.
- Ingestion points: Document and template retrieval actions (get-document, list-documents) in SKILL.md.
- Boundary markers: Not explicitly defined in the instructions.
- Capability inventory: Subprocess calls via membrane action run and membrane request in SKILL.md.
- Sanitization: Not explicitly implemented in the skill instructions.
Audit Metadata