kamonio

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform various tasks, including user authentication (membrane login), searching for connectors (membrane search), and running specific actions (membrane action run). These are standard operations for the Membrane platform.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package globally via npm. This is a legitimate tool provided by the vendor for interacting with their services.
  • [PROMPT_INJECTION]: The skill involves processing data retrieved from Kamon.io (such as traces and spans). While this creates a surface for indirect prompt injection if external data contains malicious instructions, it is a standard operational risk for data-integration skills.
      • Ingestion points: Data retrieved via membrane action run and membrane request commands (SKILL.md).
      • Boundary markers: None present.
      • Capability inventory: Shell command execution via the membrane CLI tool (SKILL.md).
      • Sanitization: No specific sanitization or filtering of Kamon.io data is mentioned.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 09:58 AM