sendsms
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI for all operations, including authentication, action discovery, and API interactions. - [EXTERNAL_DOWNLOADS]: Recommends installation of the
@membranehq/clipackage from the npm registry, which is the official tool for the platform. - [PROMPT_INJECTION]: Potential surface for indirect prompt injection as the agent processes external SMS data.
- Ingestion points: Data returned from
membrane action runandmembrane requestcommands in SKILL.md. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified for API responses.
- Capability inventory: Ability to execute shell commands (
membrane) and perform network requests through a proxy. - Sanitization: The skill does not provide instructions for sanitizing or validating external content before processing.
Audit Metadata