lano

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill runs the Membrane CLI at runtime using the app URL "https://www.lano.io/" (via membrane connection ensure "https://www.lano.io/" / membrane connection get), and Membrane's returned clientAction.agentInstructions can contain instructions for the AI agent—i.e., remote content fetched during runtime can directly control agent prompts.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill integrates with Lano, a payroll & compliance platform, and explicitly exposes payroll/payment-related entities and actions (Employee -> Payment, Contractor -> Payment, Company/Counterparty Bank Account, Invoice). It instructs using Membrane to discover and run provider-specific actions and to proxy arbitrary API requests to the Lano API (including POST/PATCH methods). These are specific, purpose-built financial capabilities for initiating and managing payments and bank account records — i.e., moving money — not a generic tool. Therefore it grants direct financial execution authority.