phrase
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security risks or malicious patterns were identified in the skill instructions or dependencies.\n- [EXTERNAL_DOWNLOADS]: The skill references the installation of the official
@membranehq/clipackage from npm, which is a trusted vendor resource.\n- [COMMAND_EXECUTION]: The skill utilizes themembraneCLI to interact with Phrase, performing authenticated actions and data retrieval as intended.\n- [PROMPT_INJECTION]: The skill processes data from the Phrase API, creating an indirect prompt injection surface. Ingestion points: Phrase API responses (SKILL.md). Boundary markers: Not specified. Capability inventory:membrane action run(e.g.,create-project,update-locale). Sanitization: Relies on Phrase API and Membrane platform security layers.
Audit Metadata