Skills
skills/membranedev/application-skills/teamsupport/Gen Agent Trust Hub

teamsupport

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli global npm package. This is a recognized vendor resource from the Membrane ecosystem used to facilitate secure API interactions.\n- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) because it retrieves and processes untrusted data from the TeamSupport platform.\n
  • Ingestion points: TeamSupport data retrieved through membrane action run and membrane request as described in SKILL.md.\n
  • Boundary markers: None; the instructions do not include markers to isolate external data from the agent's instructions.\n
  • Capability inventory: The skill utilizes the membrane CLI to execute actions and network requests.\n
  • Sanitization: None; the skill does not describe any methods for validating or escaping external data before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 08:12 PM