forest-admin

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @membranehq/cli package from the NPM registry. This is a vendor-owned package used to facilitate the integration.
  • [COMMAND_EXECUTION]: The skill utilizes several shell commands via the membrane CLI to manage connections, search for actions, and execute API requests to Forest Admin.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its data processing model:
      • Ingestion points: Untrusted data enters the agent context through the output of membrane action run and membrane request commands in SKILL.md.
      • Boundary markers: The instructions do not define clear delimiters or specific warnings for the agent to ignore instructions embedded within the retrieved Forest Admin data.
      • Capability inventory: The skill includes powerful capabilities such as membrane action run and membrane request which can be used to modify external data or perform state-changing operations.
      • Sanitization: There is no evidence of sanitization or validation logic applied to the external content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 08:12 PM