Skills
skills/membranedev/application-skills/khoros-marketing/Gen Agent Trust Hub

khoros-marketing

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package globally via npm to facilitate communication with the Membrane platform. This is a vendor-owned resource.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute various membrane CLI commands, such as login, connect, action run, and request, to manage data and automate workflows in Khoros Marketing.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from external APIs.
  • Ingestion points: Data returned from Khoros Marketing via membrane action run or membrane request (SKILL.md).
  • Boundary markers: None specified in the instructions to delimit external data from agent commands.
  • Capability inventory: The agent can execute shell commands via the membrane CLI (SKILL.md).
  • Sanitization: No specific sanitization or validation of the API responses is described in the skill content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 03:35 PM