trello
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the Membrane CLI tool globally via npm (
@membranehq/cli). This is a legitimate dependency provided by the skill's author to facilitate interaction with the Membrane platform. - [COMMAND_EXECUTION]: The skill uses various
membraneCLI commands to perform authentication, discover actions, and execute API requests. These commands are necessary for the skill's intended functionality to interact with the Trello API. - [PROMPT_INJECTION]: While no direct malicious injections were found, the skill is designed to ingest data from Trello (boards, lists, and cards). This introduces a surface for indirect prompt injection if the agent processes untrusted content from shared project management environments without proper sanitization.
- Ingestion points: Trello boards, lists, cards, and comments accessed via
membrane action runormembrane request. - Boundary markers: None explicitly mentioned in the skill instructions.
- Capability inventory: The skill can perform network requests, list connections, and execute actions that modify Trello data.
- Sanitization: No explicit sanitization or validation of the ingested Trello data is described in the prompt logic.
Audit Metadata