moco
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the `membrane` CLI to interact with the MOCO service. This includes logging into the platform, managing connections, and executing specific actions (e.g., starting timers, creating timesheets).
- [EXTERNAL_DOWNLOADS]: The instructions require the installation of the `@membranehq/cli` package via npm. This package is the official tool provided by the skill's vendor and is necessary for the integration's functionality.
- [SAFE]: The skill prioritizes secure credential management by using an external connection model. It explicitly instructs the agent to never ask the user for API keys, instead relying on the `membrane connect` workflow which handles authentication server-side.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it retrieves and processes data from the MOCO API.
  - Ingestion points: External data enters the context through the output of `membrane action run` and `membrane action list` commands.
  - Boundary markers: The provided instructions do not include specific delimiters or warnings to ignore instructions embedded in the external data.
  - Capability inventory: The agent has the ability to execute shell commands and modify project management data via the CLI.
  - Sanitization: There are no mentioned mechanisms for sanitizing or validating the content retrieved from MOCO before it is processed by the agent.