aiia
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry and utilizesnpxto execute vendor-provided tools. These resources are official components of the Membrane ecosystem. - [COMMAND_EXECUTION]: The skill relies on executing
membraneCLI commands to perform tasks such as authentication, listing actions, and proxying API requests. This is the intended operational model for the skill. - [PROMPT_INJECTION]: The skill interacts with the Aiia API and retrieves external data. This creates an attack surface for indirect prompt injection where malicious content in the API responses could influence agent behavior if not properly sanitized before being included in subsequent prompts.
- Ingestion points: Output from
membrane action runandmembrane requestcommands. - Boundary markers: None identified in the provided instructions.
- Capability inventory: Execution of
membraneCLI commands via terminal/subprocess. - Sanitization: Not explicitly defined within the skill's logic.
Audit Metadata