Skills
skills/membranedev/application-skills/github/Gen Agent Trust Hub

github

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @membranehq/cli package from the npm registry. This is a vendor-owned tool required for the skill's operation with the Membrane platform.
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform various tasks including login, connection management, and action execution. These commands are part of the intended project management workflow.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted data from GitHub.
  • Ingestion points: External data enters the agent context through GitHub issue and pull request descriptions, titles, and comments retrieved via various 'list' and 'get' actions.
  • Boundary markers: The instructions do not define explicit delimiters or 'ignore' warnings for the data being processed.
  • Capability inventory: The skill has the ability to perform write operations on GitHub, such as creating issues, updating pull requests, and merging code through membrane action run commands.
  • Sanitization: There is no evidence of sanitization or validation of the content retrieved from GitHub before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 01:55 AM