alumio
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the `@membranehq/cli` global package and utilizes `npx` to execute the latest version for action discovery. These are official vendor resources and are documented as safe functionality.
- [COMMAND_EXECUTION]: The skill relies on the `membrane` CLI to execute connection searches, authentication, and API actions. These operations are core to the skill's purpose and are performed through the author's established toolset.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it ingests data from the Alumio platform which may contain content from untrusted third-party sources.
  - Ingestion points: External data enters the agent's context through the output of `membrane action run` and `membrane request` commands as seen in SKILL.md.
  - Boundary markers: No specific delimiters or instructions to ignore embedded instructions are provided when processing Alumio records.
  - Capability inventory: The agent has the capability to execute CLI commands and make network requests via the Membrane proxy.
  - Sanitization: There is no evidence of sanitization, schema validation, or filtering of the content returned by the Alumio API before it is processed by the agent.
Audit Metadata