chatra
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs the installation of the
@membranehq/clipackage from the NPM registry. This is an official tool provided by the vendor (membranedev) to manage integrations. - [COMMAND_EXECUTION]: The skill's functionality is built around executing shell commands using the
membraneCLI to authenticate, connect, and interact with Chatra. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted data from the Chatra platform.
- Ingestion points: Data is fetched via actions like
get-message,get-client, andget-pushed-message(SKILL.md). - Boundary markers: None present; there are no instructions to the agent to treat external content as data rather than instructions.
- Capability inventory: The agent can perform network requests and command execution via the
membraneCLI (SKILL.md). - Sanitization: No sanitization or validation of external content is described.
Audit Metadata