vultr
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute various shell commands using the Membrane CLI (`membrane`) to manage Vultr resources, including `membrane login`, `membrane connect`, and `membrane action run`.
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the `@membranehq/cli` package from the NPM registry to function, which is a standard dependency for the vendor's ecosystem.
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection (Category 8) due to its ability to ingest and act upon external data.
  - Ingestion points: Data retrieved from the Vultr API via `membrane request` and metadata retrieved via `membrane action list` (SKILL.md).
  - Boundary markers: Absent; the instructions do not specify the use of delimiters or provide warnings to the agent regarding potentially malicious content in API responses.
  - Capability inventory: The skill can perform significant cloud infrastructure modifications (e.g., managing virtual machines, SSH keys, and firewall groups) via `membrane action run` and `membrane request` (SKILL.md).
  - Sanitization: Absent; there is no mention of validating or sanitizing retrieved API data before it is processed by the agent.
Audit Metadata