mono
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the official npm registry. This is a vendor-provided tool necessary for the skill's functionality. - [COMMAND_EXECUTION]: The skill uses several shell commands via the
membraneCLI (e.g.,membrane login,membrane search,membrane connect, andmembrane action run) to interact with the Mono API and manage user sessions. - [PROMPT_INJECTION]: The skill is designed to ingest and process data from the Mono API, which presents a surface for indirect prompt injection from external financial records.
- Ingestion points: API responses from
membrane action runandmembrane requestcommands (SKILL.md). - Boundary markers: None identified in the provided instructions.
- Capability inventory: The skill can execute shell commands through the Membrane CLI and perform arbitrary network requests via the
membrane requestcommand. - Sanitization: No explicit sanitization or schema validation of the external API data is mentioned in the instructions.
Audit Metadata