google-docs
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally via npm. This is a known vendor resource provided by the skill author (membranedev) and is necessary for the skill to function. - [COMMAND_EXECUTION]: The skill relies on executing
membraneCLI commands to perform tasks such as logging in, searching for connectors, and interacting with the Google Docs API. These commands are standard for the intended integration logic. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it retrieves and processes content from external Google Documents. This is inherent to the skill's primary purpose.
- Ingestion points: Data is ingested through actions like
get-documentor via themembrane requestproxy functionality (SKILL.md). - Boundary markers: None explicitly defined in the CLI command descriptions.
- Capability inventory: The skill can create, update, and delete document content via the
membrane action runandmembrane requestcommands. - Sanitization: No specific sanitization or filtering of document content is described in the documentation.
Audit Metadata