klaro-app
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package via NPM. This is a tool provided by the platform vendor for interacting with their services.
- [COMMAND_EXECUTION]: Uses the membrane CLI for managing connections and executing actions. These are legitimate operations within the scope of the skill's purpose.
- [DATA_EXFILTRATION]: Authentication is handled by the Membrane CLI's login and connect mechanisms, which avoid direct handling of sensitive API keys or tokens by the agent instructions.
- [PROMPT_INJECTION]: The skill processes external data via action inputs, creating a surface for indirect prompt injection.
  - Ingestion points: membrane action run uses the --input parameter to pass data to actions (SKILL.md).
  - Boundary markers: None identified in the prompt templates.
  - Capability inventory: membrane action run and membrane action create (SKILL.md) allow interaction with external APIs.
  - Sanitization: Not explicitly defined in the skill instructions.
Audit Metadata