sendx

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses the Membrane CLI (@membranehq/cli) for authentication and communication with SendX. This centralizes credential management on the Membrane platform, preventing the agent from needing to handle sensitive API keys directly.
  • [COMMAND_EXECUTION]: Uses standard CLI commands (membrane login, membrane connect, membrane action run) to interact with the service. These commands are typical for the Membrane ecosystem and do not show signs of malicious intent.
  • [EXTERNAL_DOWNLOADS]: Recommends installing the @membranehq/cli package via NPM. This is an official tool from the vendor (Membrane) used to facilitate the integration.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection. Ingestion points: Data returned from SendX via 'membrane action run' and 'membrane request' (SKILL.md). Boundary markers: Absent. Capability inventory: 'membrane action run' and 'membrane request' (SKILL.md). Sanitization: Absent. Despite the surface, no exploitable capabilities for system-level compromise were identified.
  • [METADATA_POISONING]: The description mentions CRM entities like 'Deals' and 'Organizations' which are not part of SendX. This is likely a documentation template error and not a security risk.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 07:18 AM