Skills
skills/membranedev/application-skills/whatsapp-by-online-live-support/Gen Agent Trust Hub

whatsapp-by-online-live-support

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from the NPM registry. This is a vendor-owned utility for the Membrane platform described in the skill.
  • [COMMAND_EXECUTION]: The instructions involve executing various membrane CLI commands to manage authentication, establish service connections, and run business logic actions.
  • [PROMPT_INJECTION]: The skill processes data from WhatsApp messages and account records, which represents an indirect prompt injection surface.
  • Ingestion points: WhatsApp message content, chat records, and template data processed via membrane action run (SKILL.md).
  • Boundary markers: No specific delimiters or boundary markers for external content are defined in the prompt templates.
  • Capability inventory: The skill possesses the capability to execute shell commands through the membrane CLI (SKILL.md).
  • Sanitization: The skill does not explicitly describe sanitization or filtering of the ingested WhatsApp data before it is presented to the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 05:25 PM