melo
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the '@membranehq/cli' package globally via npm. This is a legitimate utility provided by the vendor to facilitate platform interactions.
- [COMMAND_EXECUTION]: The skill makes extensive use of the 'membrane' command-line interface to manage authentication, discover available actions, and execute requests against the Melo API. These commands are necessary for the skill's primary functionality and use structured JSON for data handling.
- [PROMPT_INJECTION]: The skill interacts with external data from the Melo platform, such as transcriptions and project details, which constitutes a surface for indirect prompt injection.
- Ingestion points: External data enters the agent context via 'membrane action run' and 'membrane request' commands.
- Boundary markers: The instructions do not define specific delimiters or guardrails for isolating retrieved external content.
- Capability inventory: The skill utilizes CLI-based network requests and action executions to interact with the Melo API.
- Sanitization: There is no mention of sanitization or validation of the data retrieved from the external service before it is processed by the agent.
Audit Metadata