kommo
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill adheres to security best practices by utilizing a managed authentication architecture and explicitly instructing against the collection or storage of raw API credentials.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from npm. This is a legitimate tool provided by the vendor to interface with their platform. - [COMMAND_EXECUTION]: Provides instructions for executing shell commands via the
membraneCLI for tasks such as logging in, connecting to services, and querying CRM actions. - [PROMPT_INJECTION]: The skill ingests data from the Kommo CRM, creating a potential surface for indirect prompt injection.
- Ingestion points: CRM records (leads, contacts, tasks) retrieved via
membrane action runandmembrane requestas documented inSKILL.md. - Boundary markers: No specific boundary delimiters or instructions to ignore data-embedded commands are provided.
- Capability inventory: The agent can perform shell command execution via the
membranetool and execute network requests through the platform's proxy. - Sanitization: No specific data sanitization or validation procedures are implemented within the skill instructions.
Audit Metadata