vies-api
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from npm, which is the official tool provided by the vendor for platform management. - [COMMAND_EXECUTION]: The skill uses the
membraneCLI to manage API connections and execute actions, facilitating communication between the agent and the VIES service. - [PROMPT_INJECTION]: The skill ingests validation records from the VIES API, which serves as an untrusted external data source.
- Ingestion points: API response data retrieved through
membrane action runandmembrane request(SKILL.md). - Boundary markers: None; data is processed without specific delimiters or instructions to disregard embedded commands.
- Capability inventory: The skill possesses the ability to execute system commands and manage connector states via the
membraneCLI. - Sanitization: No evidence of input validation or output escaping for external data was found.
Audit Metadata