Skills
skills/membranedev/application-skills/gathercontent/Gen Agent Trust Hub

gathercontent

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to interact with the GatherContent service.
  • Operations include authentication via membrane login, connection management with membrane connect, and executing API actions through membrane action run.
  • All command executions are scoped to the vendor's official integration platform.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the Membrane CLI from the npm registry.
  • Package: @membranehq/cli.
  • This is a standard dependency for skills interacting with the Membrane ecosystem.
  • [PROMPT_INJECTION]: The skill processes external content from the GatherContent API, representing a surface for indirect prompt injection.
  • Ingestion points: Data retrieved via membrane action run and membrane request (SKILL.md).
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded commands in the retrieved content.
  • Capability inventory: The agent has access to shell command execution through the membrane CLI (SKILL.md).
  • Sanitization: No explicit sanitization or validation of the external API responses is mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 25, 2026, 06:49 AM