kyvio
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads the @membranehq/cli tool from the npm registry to enable interaction with the Membrane platform.
- [COMMAND_EXECUTION]: Executes shell commands using the membrane utility to manage connections and run API-related tasks.
- [PROMPT_INJECTION]: The skill acts as a surface for indirect prompt injection by ingesting untrusted data from the Kyvio API.
- Ingestion points: External data enters the context via membrane action run and membrane request outputs (e.g., subscriber or course data) found in SKILL.md.
- Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the retrieved data.
- Capability inventory: Includes the ability to perform network operations and execute pre-defined actions via the Membrane proxy as described in SKILL.md.
- Sanitization: There is no evidence of data validation or sanitization before the external content is processed by the agent.
Audit Metadata