aloha-pos

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @membranehq/cli package via npm. This is a vendor-official tool for interacting with the Membrane platform and is considered a safe dependency.
  • [COMMAND_EXECUTION]: The skill uses the membrane CLI to authenticate and perform POS-related actions, such as managing orders and customer records. These operations are consistent with the primary purpose of the skill.
  • [PROMPT_INJECTION]: The skill processes structured data from the Aloha POS API, creating a surface for potential indirect prompt injection.
    • Ingestion points: Data retrieved via 'membrane action run' and 'membrane request'.
    • Boundary markers: No specific delimiters or safety instructions are defined to separate untrusted POS data from the agent's instructions.
    • Capability inventory: The skill has the ability to execute CLI commands and perform network requests through the Membrane proxy.
    • Sanitization: No explicit validation or sanitization of the retrieved POS data is specified.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 08:55 AM