outsystems

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the npm registry. This is the official command-line tool provided by the vendor for interacting with their platform.
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform operations such as authentication, searching for connectors, and executing actions. These commands are necessary for the skill's primary functionality of managing OutSystems data.
  • [PROMPT_INJECTION]: The skill acts as an interface for reading data from external OutSystems APIs, which introduces a surface for indirect prompt injection if the retrieved data contains malicious instructions.
      • Ingestion points: Data is brought into the agent context through the output of membrane action run and membrane request commands.
      • Boundary markers: The instructions do not specify the use of delimiters or clear separation between system instructions and data retrieved from the API.
      • Capability inventory: The skill has the capability to execute shell commands via the membrane CLI tool.
      • Sanitization: There is no mention of data validation or sanitization of the API responses before they are presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 09:05 AM