Skills
skills/membranedev/application-skills/tooljet/Gen Agent Trust Hub

tooljet

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill guides the user to install the @membranehq/cli package globally via npm to enable integration capabilities.
  • [COMMAND_EXECUTION]: The instructions utilize the membrane command-line tool to perform various tasks such as authentication, connection management, and executing API actions against ToolJet.
  • [PROMPT_INJECTION]: The skill is designed to process external data from ToolJet query results, which presents a surface for potential indirect prompt injection if the retrieved data contains malicious instructions.
  • Ingestion points: External data retrieved via membrane action run and membrane request commands (e.g., query results from ToolJet).
  • Boundary markers: Absent. The skill does not define specific delimiters or instructions to ignore embedded commands in the processed data.
  • Capability inventory: The skill can execute shell commands via the membrane CLI to interact with external APIs and manage local connections.
  • Sanitization: None described in the provided skill content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 09:05 AM