The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill recommends installing the @membranehq/cli package from the official NPM registry. This is a legitimate tool provided by the author (membrane) for managing integrations.
[COMMAND_EXECUTION]: Uses the membrane command-line utility for authentication, searching actions, and executing API requests. This is the intended behavior of the skill and follows standard development workflows for this platform.
[DATA_EXFILTRATION]: Employs a proxy system (membrane request) to communicate with the SendOwl API. This allows the platform to manage sensitive authentication headers and credential refreshes server-side, preventing the need to store or handle raw API keys in the local environment.
[PROMPT_INJECTION]: The skill is designed to process data from the SendOwl API (such as orders and customer records) which constitutes an external data ingestion surface. 1. Ingestion points: Data returned from membrane action run or membrane request. 2. Boundary markers: None explicitly mentioned in the instructions. 3. Capability inventory: The skill can execute platform actions and make requests to the SendOwl API via the CLI. 4. Sanitization: Not specified in the markdown instructions. This represents a standard surface for indirect prompt injection common to API integration skills.

sendowl