guru
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package via npm. This is a vendor-provided tool necessary for interacting with the Membrane integration environment.
- [COMMAND_EXECUTION]: The agent is instructed to use the 'membrane' command-line tool for authentication, discovering available Guru actions, and executing API calls or proxy requests.
- [PROMPT_INJECTION]: The skill handles data from Guru (such as card content and comments), which represents an indirect prompt injection surface. Ingestion points: Data is retrieved via actions like 'list-card-comments' and 'get-card' in SKILL.md. Boundary markers: No explicit delimiters or instructions are provided to the agent to treat this data as untrusted. Capability inventory: The agent can execute shell commands and network requests through the 'membrane' CLI. Sanitization: The skill does not implement specific sanitization or filtering of the ingested data.
Audit Metadata