flexmail
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the
@membranehq/clitool to interact with Flexmail. This is an official utility from the vendor 'membranedev' designed to manage API requests and authentication securely. - [PROMPT_INJECTION]: The skill processes data from Flexmail (contacts, campaigns, etc.). While this is an ingestion point for external data, no malicious instruction-override patterns were detected, and the skill's structure minimizes the risk of indirect prompt injection by using defined CLI actions.
- [CREDENTIALS_UNSAFE]: The skill encourages using Membrane's connection system, which handles authentication server-side. This approach is highly secure as it prevents the exposure of API keys or tokens in the agent's environment or the skill's code.
Audit Metadata