Skills
skills/membranedev/application-skills/fusionauth/Gen Agent Trust Hub

fusionauth

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill directs the installation of the @membranehq/cli npm package, which is a verified tool belonging to the skill's authoring organization.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands via the membrane CLI to manage user sessions, connect to services, and execute API actions.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection risk by ingesting and processing external data from the FusionAuth API. 1. Ingestion points: External data enters the agent context via outputs from membrane action run and membrane request commands as documented in SKILL.md. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the skill instructions. 3. Capability inventory: The agent is authorized to execute shell commands and perform network operations through the CLI (per SKILL.md). 4. Sanitization: The skill does not specify any validation or sanitization mechanisms for the data retrieved from FusionAuth.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 08:20 AM