vryno
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions to install the
@membranehq/clipackage via NPM. This is a legitimate utility provided by the skill's vendor to facilitate secure API communication. - [COMMAND_EXECUTION]: The skill utilizes several shell commands involving the
membraneCLI to manage connections and run actions. These commands are restricted to the intended functionality of the platform integration. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes data from external Vryno records (such as meetings, notes, and contacts) that could potentially contain malicious instructions. * Ingestion points: Output from
membrane action runandmembrane requestcommands. * Boundary markers: No specific delimiters or instructions are provided to the agent to distinguish between data and potential commands within retrieved content. * Capability inventory: The skill uses shell execution for themembraneCLI which could be targeted by injected instructions. * Sanitization: There is no evidence of explicit sanitization or filtering of the data retrieved from the Vryno API.
Audit Metadata