aqilla
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
@membranehq/clipackage from the official NPM registry. This is the standard tool for managing Membrane connections and is a trusted resource from the skill's vendor. - [COMMAND_EXECUTION]: The skill instructs the agent to execute
membraneCLI commands to handle authentication (membrane login), connection management (membrane connect), and action execution (membrane action run). These operations are necessary for the skill to function as an integration bridge. - [DATA_EXFILTRATION]: The skill communicates with the Aqilla API and Membrane's proxy servers (
getmembrane.com) to manage accounting records, financial transactions, and configuration data. This network activity is consistent with the skill's stated purpose of managing Aqilla data. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes data from an external source (Aqilla).
- Ingestion points: Fetches records, reports, articles, and forum content from the Aqilla API via
membrane requestandmembrane action run(SKILL.md). - Boundary markers: No explicit delimiter-based safety instructions are present in the provided documentation.
- Capability inventory: The agent can perform shell commands via the
membraneCLI to query or modify data in the remote system. - Sanitization: Relies on the Membrane platform's internal proxy and authentication mechanisms to ensure secure data handling.
Audit Metadata