Skills
skills/membranedev/application-skills/idnow/Gen Agent Trust Hub

idnow

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends the installation of the @membranehq/cli package from the npm registry. This is a vendor-provided tool used to manage the integration and authentication flow.
  • [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection because it ingests and processes data from the IDnow platform that could be influenced by external actors.
  • Ingestion points: API responses and record data retrieved through membrane action run and membrane request commands.
  • Boundary markers: Absent. The instructions do not define specific delimiters or warnings to the agent regarding the untrusted nature of the retrieved data.
  • Capability inventory: The skill utilizes shell command execution via the membrane CLI to perform data queries, run actions, and send HTTP requests.
  • Sanitization: Absent. There is no evidence of data validation or escaping before external content is presented to the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 09:23 PM