nano-nets
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from Nano Nets, which could include untrusted content leading to indirect prompt injection.
- Ingestion points: Retrieves notes, files, and activity logs from the Nano Nets platform (SKILL.md).
- Boundary markers: No specific delimiters or instructions are used to distinguish between data and instructions during prompt construction.
- Capability inventory: The skill can execute predefined actions and make arbitrary API requests through a proxy (SKILL.md).
- Sanitization: There is no evidence of data sanitization or validation of the content retrieved from the API.
- [COMMAND_EXECUTION]: Core functionality is implemented through shell commands.
- Evidence: Uses the 'membrane' CLI for login, action execution, and API requests.
- [EXTERNAL_DOWNLOADS]: Requires the installation of a global CLI package.
- Evidence: Instructions include 'npm install -g @membranehq/cli'. This is an official vendor package used to facilitate the integration.
Audit Metadata