accelo
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the `@membranehq/cli` global NPM package. This is the primary interface for the integration and is a resource provided by the skill's vendor.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it acts as a bridge to external CRM data (Jobs, Issues, Tasks, etc.).
  - Ingestion points: Data enters the agent context via the `membrane action run` and `membrane request` commands when fetching records from Accelo.
  - Boundary markers: The instructions do not define specific delimiters or guardrails to distinguish between system instructions and data retrieved from the API.
  - Capability inventory: The skill allows the agent to execute subprocesses (via the CLI) to read, create, and modify data in the Accelo platform.
  - Sanitization: There is no evidence of sanitization or validation performed on the text fields retrieved from the external service before they are presented to the LLM.
Audit Metadata