everwebinar
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill provides legitimate instructions for using the EverWebinar service through the Membrane CLI.
- [EXTERNAL_DOWNLOADS]: The instructions guide the user to install @membranehq/cli from the official npm registry. This is a standard vendor-provided tool required for the skill's functionality.
- [COMMAND_EXECUTION]: The skill uses the membrane CLI to perform actions and requests. These commands are scoped to the authenticated user's account and used for legitimate API interactions.
- [SAFE]: Potential for Indirect Prompt Injection surface. 1. Ingestion points: External data enters the agent context via membrane action run and membrane request outputs (EverWebinar API responses). 2. Boundary markers: None explicitly defined in the instructions. 3. Capability inventory: Execution of API actions and raw HTTP requests via membrane action run and membrane request in SKILL.md. 4. Sanitization: Not explicitly defined; relies on the agent's internal safety filters.
Audit Metadata