flyio
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and installs the official Membrane CLI (@membranehq/cli) from the NPM registry to facilitate interaction with the platform.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via data processed from external sources.
  - Ingestion points: Responses from membrane action run and membrane request containing Fly.io app, machine, and volume data (SKILL.md).
  - Boundary markers: Absent; no specific delimiters are used to separate user instructions from data retrieved from the Fly.io API.
  - Capability inventory: Access to membrane CLI commands allows the agent to create, update, or delete resources on the Fly.io platform (SKILL.md).
  - Sanitization: Absent; the skill relies on standard platform handling of command outputs without explicit filtering of the content retrieved from external APIs.
Audit Metadata