nicereply
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the official @membranehq/cli package from NPM, which is a trusted vendor resource.
- [COMMAND_EXECUTION]: Shell commands are used to interact with the membrane CLI for action discovery and execution, which is standard behavior for this platform.
- [SAFE]: The skill implements a secure authentication flow that avoids the use of hardcoded secrets or sensitive credential handling.
- [PROMPT_INJECTION]: Indirect surface assessment: 1. Ingestion points: Nicereply API data via membrane action run; 2. Boundary markers: Absent; 3. Capability inventory: membrane CLI execution; 4. Sanitization: None. The potential for indirect prompt injection is mitigated by the specific and restricted nature of the CLI actions.
Audit Metadata