trengo
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the Membrane CLI (`@membranehq/cli`) from the NPM registry. This is a standard requirement for interacting with the vendor's platform.
- [COMMAND_EXECUTION]: Uses the `membrane` CLI to perform various integration tasks such as authentication, searching for connectors, and running actions against the Trengo API.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes untrusted data from Trengo (e.g., messages from WhatsApp, email, or social media).
  - Ingestion points: External data is retrieved via `membrane action run` and `membrane request` commands in SKILL.md.
  - Boundary markers: The instructions do not specify the use of delimiters or warnings for the agent when processing retrieved customer message content.
  - Capability inventory: The skill allows the agent to read and write data to Trengo and execute CLI commands as documented in SKILL.md.
  - Sanitization: There is no mention of sanitizing or escaping the data retrieved from Trengo before it is processed by the agent.
Audit Metadata