hyros
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the npm registry. This is the official tool provided by the author to interact with the underlying platform. - [COMMAND_EXECUTION]: The instructions involve executing various shell commands via the
membraneCLI, including login procedures, connection management, and the execution of specific Hyros actions. - [PROMPT_INJECTION]: The skill ingests data from external API responses (such as lead details or attribution reports) into the agent's context. This constitutes an indirect prompt injection surface where malicious content stored in the external system could attempt to influence the agent's behavior during data processing.
Audit Metadata