lattice
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation instructs the user to install the `@membranehq/cli` package from npm. This is the official CLI tool provided by the platform vendor (Membrane).
- [COMMAND_EXECUTION]: The skill relies on shell commands executed via the `membrane` CLI to manage connections and interact with the Lattice API. These commands are necessary for the skill's intended functionality.
- [PROMPT_INJECTION]: The skill defines an indirect prompt injection surface by processing data from an external source (Lattice).
  - Ingestion points: Untrusted data is ingested when the agent retrieves feedback, notes, and user-generated content from the Lattice API using actions like `get-feedback` and `list-updates`.
  - Boundary markers: No specific delimiters or boundary instructions are provided to help the agent distinguish between its instructions and the data being processed.
  - Capability inventory: The agent can perform significant actions via the `membrane action run` and `membrane request` tools, which could be triggered by instructions embedded in the ingested data.
  - Sanitization: The skill does not mention any sanitization or validation processes for the data fetched from the external API.
Audit Metadata