locoia
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the official Membrane CLI tool (@membranehq/cli) from the npm registry. This is a legitimate dependency provided by the skill author for platform interaction.
- [COMMAND_EXECUTION]: Uses the Membrane CLI to perform authentication, create connections, and run data management actions. These commands are the intended mechanism for interacting with the Locoia platform.
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection when handling external data.
- Ingestion points: The agent consumes and processes data returned from 'membrane action run' and 'membrane action get' commands (SKILL.md).
- Boundary markers: No explicit delimiters or instructions to ignore potential commands embedded in the retrieved Locoia data are provided in the instructions.
- Capability inventory: The skill is capable of executing CLI commands and performing network operations via the Membrane platform.
- Sanitization: There is no mention of sanitization or validation of the external content before it is interpolated into the agent's context.
Audit Metadata