precoro
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires installing the @membranehq/cli package, which is the official tool for interacting with the author's platform.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from external Precoro API endpoints.
- Ingestion points: External data from Precoro actions and requests.
- Boundary markers: None identified; the skill does not instruct the agent to distinguish between instructions and data from the API.
- Capability inventory: Execution of shell commands via the Membrane CLI.
- Sanitization: No validation or sanitization of external data is specified.
- [COMMAND_EXECUTION]: The skill documentation provides command-line templates that incorporate JSON input. This creates a potential for command injection if an agent populates these fields with unvalidated user input.
Audit Metadata