element
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the official Membrane CLI package (
@membranehq/cli) from the NPM registry to manage the integration. - [COMMAND_EXECUTION]: Uses the
membraneCLI to perform operations such as authentication, searching for connectors, and executing actions on the Element platform. - [PROMPT_INJECTION]: As a messaging integration, the skill processes data from Element rooms and users which could contain untrusted instructions.
- Ingestion points: Data retrieved from the
membrane action runandmembrane requestcommands. - Boundary markers: None explicitly defined in the instructions to separate external message content from agent instructions.
- Capability inventory: The skill has the capability to execute shell commands (via the Membrane CLI) and perform network requests through the Membrane proxy.
- Sanitization: No specific sanitization or escaping of external content is mentioned; the skill relies on the underlying agent's standard safety protocols for processing external data.
Audit Metadata