inworld-ai

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the official @membranehq/cli package from the public npm registry, which is a required tool for interacting with the Membrane ecosystem.
  • [COMMAND_EXECUTION]: The skill executes the membrane command-line interface to manage service connections, perform authentication, and run actions against the Inworld AI platform.
  • [PROMPT_INJECTION]: The skill ingests action definitions and schemas via the membrane action list command, creating a surface for indirect prompt injection if external metadata contains malicious instructions.
      • Ingestion points: Output from the membrane action list command, which provides action IDs and input schemas.
      • Boundary markers: None identified in the instruction set.
      • Capability inventory: Execution of arbitrary actions and raw HTTP requests via the membrane action run and membrane request commands.
      • Sanitization: The skill relies on the platform to provide valid schemas and does not perform independent validation or escaping of the retrieved metadata.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 08:27 PM