Skills
skills/membranedev/application-skills/microsoft-teams/Gen Agent Trust Hub

microsoft-teams

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from npm, which is a vendor-owned tool used for authentication and service interaction.
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to execute various commands for connection management, data retrieval, and API proxying.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted message content retrieved from Microsoft Teams.
  • Ingestion points: list-channel-messages, list-chat-messages, and get-channel-message actions documented in SKILL.md.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided.
  • Capability inventory: The skill has the ability to write to the platform via send-channel-message and the membrane request proxy as seen in SKILL.md.
  • Sanitization: No sanitization or validation of the ingested message content is described in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 07:58 PM