Skills
skills/membranedev/application-skills/plecto/Gen Agent Trust Hub

plecto

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package via npm. This is the official CLI tool provided by the vendor for managing integrations and secure authentication.
  • [COMMAND_EXECUTION]: The skill uses the membrane CLI to perform operations such as logging in, connecting to Plecto, and running API actions. These are standard operations for the intended functionality.
  • [PROMPT_INJECTION]: The skill processes data from Plecto, creating an indirect prompt injection surface where external data could potentially contain instructions for the agent.
  • Ingestion points: outputs from membrane action run and membrane request.
  • Boundary markers: None.
  • Capability inventory: membrane CLI execution.
  • Sanitization: None specified.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 09:30 AM