simvoly
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@membranehq/clipackage from npm. This tool is provided by the author (membranedev) to manage interactions with their platform.\n- [COMMAND_EXECUTION]: The instructions involve executing severalmembraneCLI commands for logging in, connecting to services, and running actions.\n- [DATA_EXFILTRATION]: The skill moves data to and from Simvoly via the Membrane service. This is the intended purpose of the skill and is conducted through the vendor's secure infrastructure.\n- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection (Category 8) as it ingests data from external actions.\n - Ingestion points: Data from Simvoly enters the agent's context through
membrane action runoutputs (SKILL.md).\n - Boundary markers: The instructions do not define specific delimiters to isolate potentially untrusted action results.\n
- Capability inventory: The skill has the ability to run existing actions (
membrane action run) and create new ones (membrane action create) (SKILL.md).\n - Sanitization: There are no documented steps for sanitizing or validating the content returned from the external API actions.
Audit Metadata