terminus-app
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI tool (@membranehq/cli) from the vendor's package registry. This is an expected dependency for the platform.
- [COMMAND_EXECUTION]: The skill uses the
membranecommand-line tool to perform operations such as authentication, connection management, and running Terminus App actions. These operations are the primary intended functionality of the skill. - [DATA_EXFILTRATION]: No unauthorized data transfer detected. The skill utilizes a secure proxy system for API requests which injects authentication headers server-side, preventing the exposure of credentials in the local environment or through skill logic.
- [PROMPT_INJECTION]: The skill processes external data retrieved from Terminus App (records and schemas), which constitutes an ingestion point for untrusted content. This creates a surface for potential indirect prompt injection where instructions embedded in the data could attempt to influence the agent.
- Ingestion points: Output of
membrane action runandmembrane request(SKILL.md). - Boundary markers: None specified in the instructions to delimit or ignore instructions within external data.
- Capability inventory: The skill has the ability to execute shell commands via the
membraneCLI (SKILL.md). - Sanitization: No explicit sanitization or validation logic is defined for the retrieved data.
Audit Metadata