alpaca
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the user to install the @membranehq/cli package from the npm registry. This is the official command-line tool provided by the vendor (membranedev) to handle authentication and secure communication with the Alpaca API.
- [COMMAND_EXECUTION]: The skill instructions use the membrane CLI to execute integration tasks such as 'membrane action run' and 'membrane request'. These commands are executed locally to manage trading data like order placement and account configuration.
- [PROMPT_INJECTION]: The skill processes data from external Alpaca API endpoints (e.g., asset lists, positions, and orders), which represents a potential surface for indirect prompt injection.
  - Ingestion points: Untrusted data enters the context through list-assets, list-positions, and get-order actions in SKILL.md.
  - Boundary markers: No explicit boundary markers or instructions to ignore embedded content are defined in the skill instructions.
  - Capability inventory: The skill has the capability to perform state-changing operations like create-order and cancel-all-orders via the CLI.
  - Sanitization: The skill relies on the underlying Membrane CLI and Alpaca API for data sanitization and request handling.
Audit Metadata