chatlayer
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage from the npm registry. This is a vendor-owned resource necessary for the skill's operations. - [COMMAND_EXECUTION]: The skill uses shell commands through the
membraneCLI to authenticate, manage connections, and execute actions within the Chatlayer environment. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by ingesting and processing data from external sources (Chatlayer).
- Ingestion points: Chatlayer training data, intents, entity values, and user utterances (SKILL.md).
- Boundary markers: No explicit delimiters or boundary markers are defined to isolate untrusted data from the agent's instructions.
- Capability inventory: The skill can list, create, and run actions (
membrane action run), which could be influenced by malicious content in the training data or utterances. - Sanitization: No sanitization or validation logic is specified for the external data before it is processed by the agent.
Audit Metadata