amlbot
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the `@membranehq/cli` package globally via npm. This is a vendor-owned resource belonging to the skill author (Membrane) and is required for the skill's primary functionality.
- [COMMAND_EXECUTION]: The skill utilizes several `membrane` CLI commands to manage authentication, search for connectors, and execute actions. These commands are used as intended for service integration.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of external data from the AMLBot API, which presents a surface for indirect prompt injection if the API responses contain malicious instructions.
  - Ingestion points: Data returned from `membrane action run` and `membrane request` commands.
  - Boundary markers: No specific delimiters or instructions to ignore embedded content are provided in the skill documentation.
  - Capability inventory: The skill possesses network access capabilities through the Membrane CLI to interact with external endpoints.
  - Sanitization: There is no evidence of sanitization or validation of the data retrieved from the API before it is processed by the agent.
Audit Metadata