Skills
skills/membranedev/application-skills/drchrono/Gen Agent Trust Hub

drchrono

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli global package from NPM, which is a resource owned by the skill vendor (membranedev).
  • [COMMAND_EXECUTION]: Executes shell commands via the membrane CLI to authenticate users, manage API connections, and run medical workflow actions.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external data from the DrChrono EHR.
  • Ingestion points: Data retrieved from DrChrono (e.g., clinical notes, patient records) enters the agent context via membrane action run output.
  • Boundary markers: None explicitly defined in the provided instruction text to separate EHR data from instructions.
  • Capability inventory: The skill has access to shell command execution (membrane CLI) and the ability to create new integration logic via membrane action create.
  • Sanitization: Relies on the Membrane platform's internal handling of action outputs and structured JSON responses.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 09:13 PM
Security Audit — agent-trust-hub — drchrono