Skills
skills/membranedev/application-skills/screendesk/Gen Agent Trust Hub

screendesk

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the official @membranehq/cli package from the npm registry and uses npx to execute the latest version, which are standard methods for utilizing the vendor's tooling.\n- [COMMAND_EXECUTION]: The skill executes various membrane CLI commands to handle authentication (membrane login), discover actions, and perform API requests through the Membrane proxy.\n- [PROMPT_INJECTION]: The skill processes external customer support data (contacts, conversations, and notes) from Screendesk, which represents an attack surface for indirect prompt injection.\n
  • Ingestion points: Screendesk API data (conversations, notes, meetings) retrieved via membrane action run and membrane request in SKILL.md.\n
  • Boundary markers: Not specified in the instructions.\n
  • Capability inventory: membrane action run and membrane request allow the agent to read and modify Screendesk data.\n
  • Sanitization: No explicit sanitization or filtering of external content is defined in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 11:19 PM