chatbase
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI (@membranehq/cli) from the npm registry to interact with Chatbase through the Membrane platform.
- [COMMAND_EXECUTION]: Uses the membrane CLI to execute various operations such as authentication, searching for connectors, and running Chatbase actions.
- [PROMPT_INJECTION]: Potential for indirect prompt injection when the agent processes data retrieved from Chatbase. (1) Ingestion points: Results from membrane action run and membrane request commands in SKILL.md. (2) Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present. (3) Capability inventory: The skill has the capability to execute shell commands via the Membrane CLI. (4) Sanitization: No sanitization, validation, or escaping of external content is described.
Audit Metadata