Skills
skills/membranedev/application-skills/venly/Gen Agent Trust Hub

venly

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli tool from the npm registry to enable communication with the Membrane platform.- [COMMAND_EXECUTION]: Executes shell commands using the membrane CLI within SKILL.md to manage connections, search for blockchain actions, and perform proxy requests.- [PROMPT_INJECTION]:
  • Ingestion points: External data from the Venly API is ingested into the agent context via membrane action run and membrane request commands in SKILL.md.
  • Boundary markers: Absent; there are no explicit delimiters or instructions to ignore potential commands embedded in the retrieved blockchain data.
  • Capability inventory: The skill performs subprocess execution of the membrane CLI and initiates network requests to the proxy endpoint in SKILL.md.
  • Sanitization: Absent; content retrieved from external API endpoints is not validated or escaped before being presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 06:01 AM