Skills
skills/membranedev/application-skills/charthop/Gen Agent Trust Hub

charthop

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs and uses the @membranehq/cli package from the official NPM registry. This is a vendor-owned tool required for the integration's core functionality.
  • [COMMAND_EXECUTION]: The skill relies on shell commands through the Membrane CLI (membrane login, membrane connect, membrane action run) to interact with the ChartHop API. This is the intended design for secure credential handling.
  • [PROMPT_INJECTION]: As an integration that retrieves and processes external data from ChartHop, the skill possesses an attack surface for indirect prompt injection.
  • Ingestion points: Data retrieved from ChartHop through the membrane action run command in SKILL.md.
  • Boundary markers: Absent; the skill does not specify the use of delimiters when processing external data.
  • Capability inventory: Performs shell command execution via the CLI tool in SKILL.md.
  • Sanitization: Absent; no explicit sanitization or validation of the data returned from the external API is documented.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 09:29 PM
Security Audit — agent-trust-hub — charthop