wrk
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the official NPM registry to facilitate communication with the Wrk API. This tool is owned by the skill's author and is used for its intended purpose. - [COMMAND_EXECUTION]: Several commands are executed via the
membraneCLI, includingmembrane login,membrane connect, andmembrane action run. These operations are necessary for the skill's functionality to manage records and workflows. - [PROMPT_INJECTION]: The skill represents a potential surface for indirect prompt injection as it ingests data from external API endpoints (Wrk tasks, comments, etc.).
- Ingestion points: Untrusted data enters the agent context through
membrane action runandmembrane request(SKILL.md). - Boundary markers: None identified in the provided instructions.
- Capability inventory: The skill uses subprocess calls to execute the
membraneCLI (SKILL.md). - Sanitization: No explicit sanitization or validation of external API responses is mentioned.
Audit Metadata