samcart

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package via NPM. This is the official command-line tool for the Membrane platform, which acts as the infrastructure for this integration.
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform operations such as login, connect, and action run. These commands are standard for managing API connections and executing remote actions within the Membrane ecosystem.
  • [PROMPT_INJECTION]: The skill processes data retrieved from the SamCart API (such as order details and customer info). This creates a potential surface for indirect prompt injection if the ingested data contains malicious instructions. However, the risk is mitigated by the use of structured action schemas and the intended use case of data integration.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 22, 2026, 01:42 AM