Skills
skills/membranedev/application-skills/you-can-book-me/Gen Agent Trust Hub

you-can-book-me

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @membranehq/cli package from the npm registry, which is the official tool provided by the vendor for interacting with the Membrane platform.
  • [COMMAND_EXECUTION]: It uses the membrane command-line utility to manage authentication, search for available connectors, and execute actions on the You Can Book Me API. These commands are necessary for the skill's intended functionality.
  • [PROMPT_INJECTION]: The skill integrates with an external API, which inherently creates a surface for indirect prompt injection via ingested data.
  • Ingestion points: Data retrieved from membrane action list, membrane action run, and membrane request commands.
  • Boundary markers: No specific delimiters or instructions are provided to the agent to distinguish between its own logic and the data returned from the API.
  • Capability inventory: The skill possesses the ability to execute shell commands via the CLI and perform network requests.
  • Sanitization: There is no mention of sanitizing or validating the content of the API responses before they are processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 11:25 AM