Skills
skills/membranedev/application-skills/gitbook/Gen Agent Trust Hub

gitbook

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli tool from the NPM registry. This is a standard practice for utilizing the vendor's integration platform.
  • [COMMAND_EXECUTION]: Shell commands using the membrane CLI are employed to authenticate the user, connect to GitBook, and execute various actions or API requests.
  • [PROMPT_INJECTION]: Ingesting content from GitBook pages creates a surface for indirect prompt injection if external documentation contains malicious instructions.
  • Ingestion points: Data retrieved from GitBook spaces and pages via membrane action run and membrane request (SKILL.md).
  • Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for the fetched content.
  • Capability inventory: Capability to execute API actions and CLI commands based on retrieved data (SKILL.md).
  • Sanitization: No explicit content sanitization or validation logic is provided in the documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 07:41 AM