formdesk

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes untrusted content from Formdesk.
      • Ingestion points: The skill fetches form results and user data via actions defined in SKILL.md.
      • Boundary markers: There are no instructions to use delimiters or ignore instructions within the retrieved data.
      • Capability inventory: The skill can execute shell commands via membrane action run and make network requests via membrane request.
      • Sanitization: The skill does not specify any sanitization or validation logic for data ingested from the API.
  • [COMMAND_EXECUTION]: The skill requires the installation and execution of the @membranehq/cli tool to facilitate the integration.
  • [EXTERNAL_DOWNLOADS]: The skill downloads the vendor's CLI package from the public NPM registry.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 07:45 PM