herald

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Membrane CLI to perform tasks such as authentication and API interaction.
      • Evidence: Commands such as membrane login, membrane action run, and membrane request are used to interface with the platform.
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the official developer tool for the platform.
      • Evidence: npm install -g @membranehq/cli is required to use the integration.
  • [DATA_EXFILTRATION]: No attempts to access sensitive local files or exfiltrate environment variables were found. The skill leverages the vendor's managed connection system to handle credentials securely.
  • [PROMPT_INJECTION]: The skill processes external data retrieved from the Herald API, creating a surface for indirect prompt injection.
      • Ingestion points: Data returned from membrane action run and membrane request in SKILL.md.
      • Boundary markers: Absent; data is returned directly to the agent's context.
      • Capability inventory: Shell command execution via the membrane CLI.
      • Sanitization: Absent; the skill relies on the agent's internal safety filters.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 25, 2026, 03:03 PM