Skills
skills/membranedev/application-skills/serpapi/Gen Agent Trust Hub

serpapi

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package via npm. This is a vendor-owned utility used for managing authentication and interacting with the Membrane platform.
  • [COMMAND_EXECUTION]: The skill relies on executing membrane CLI commands to handle connections, list actions, and perform API requests. This is the intended functional mechanism of the skill.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes real-time search engine results from SerpApi, which originate from untrusted external sources.
  • Ingestion points: Data returned from membrane action run or membrane request containing search results (SKILL.md).
  • Boundary markers: None specified in the instructions to separate external data from system instructions.
  • Capability inventory: Ability to execute shell commands via the membrane CLI (SKILL.md).
  • Sanitization: No explicit sanitization or filtering of the search result content is mentioned before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 08:12 PM