Skills
skills/membranedev/application-skills/geoapify/Gen Agent Trust Hub

geoapify

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package globally via npm, which is a verified tool belonging to the vendor.
  • [COMMAND_EXECUTION]: The skill uses the membrane CLI to perform geocoding and routing tasks, which is the intended functionality for this integration.
  • [PROMPT_INJECTION]: The skill processes external API data, creating a surface for indirect prompt injection. 1. Ingestion points: API responses from membrane action run and membrane request commands. 2. Boundary markers: Absent. 3. Capability inventory: Command execution via the CLI. 4. Sanitization: No sanitization logic is described for API data before it enters the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 01:55 PM