Skills
skills/membranedev/application-skills/impression/Gen Agent Trust Hub

impression

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the npm registry. This is the official command-line tool for the Membrane platform.
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform several operations:
  • Authenticates the user session via membrane login.
  • Discovers and connects to the Impression service via membrane search and membrane connect.
  • Executes API actions and proxy requests using membrane action run and membrane request.
  • [PROMPT_INJECTION]: The skill is designed to process data from external sources (Impression Deals, Leads, Organizations, etc.). This introduces a surface for indirect prompt injection if the retrieved data contains malicious instructions intended to influence the agent's behavior. Standard LLM safety guardrails and input sanitization are recommended when processing this data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 04:38 PM