kaleido
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage globally using NPM. This package is a vendor-owned resource provided by the author to facilitate the integration. - [COMMAND_EXECUTION]: The skill uses shell commands through the
membraneCLI to manage connections and execute API actions. This is the intended mechanism for the skill's functionality. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its core functionality of processing external data.
- Ingestion points: Data retrieved from Kaleido via
membrane action run(such as consortia or node details) enters the agent's context. - Boundary markers: Absent. The skill does not define specific markers or instructions to treat external API responses as untrusted data.
- Capability inventory: The skill can execute shell commands (
membrane) and perform network-based API actions through the Membrane platform. - Sanitization: Absent. There is no evidence of filtering or validation of the data returned from external sources before processing.
Audit Metadata