chatlayer

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli Node.js package, which is a standard requirement for interacting with the Membrane platform.
  • [COMMAND_EXECUTION]: The skill executes various membrane CLI commands to manage authentication, connections, and API actions for the Chatlayer service.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes external data that could contain malicious instructions designed to manipulate the agent.
    • Ingestion points: Untrusted data is retrieved from Chatlayer through actions such as list-customers, select-table-records, and get-table-data as defined in SKILL.md.
    • Boundary markers: There are no delimiters or specific instructions provided to the agent to treat retrieved data as untrusted or to ignore embedded commands.
    • Capability inventory: The skill has the capability to execute shell commands via the membrane CLI and perform network operations using membrane request, both of which could be abused if the agent follows injected instructions.
    • Sanitization: The skill does not implement any validation, escaping, or filtering of the content retrieved from the Chatlayer API before it is processed.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 03:48 PM