alphamoon
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage globally via npm. This is a vendor-owned tool provided by the author to facilitate interaction with the Membrane platform. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI for managing connections, searching for actions, and executing requests to the Alphamoon API. - [PROMPT_INJECTION]: The skill handles untrusted data from the Alphamoon API, which presents a surface for indirect prompt injection attacks.
- Ingestion points: Data is ingested through actions such as
get-ocr-resultsandget-collection-resultsvia themembrane action runcommand. - Boundary markers: There are no specific delimiters or instructions defined to prevent the agent from following instructions embedded within the retrieved data.
- Capability inventory: The skill has the capability to execute shell commands and perform network requests using the
membraneCLI and proxy. - Sanitization: The skill does not implement sanitization or validation for the content returned from external API calls.
Audit Metadata