chatsonic
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the global installation of the Membrane CLI tool (@membranehq/cli) via NPM. This is a vendor-provided tool designed to facilitate communication with the Membrane platform and managed integrations.
- [COMMAND_EXECUTION]: The skill instructions rely on the execution of the membrane command-line interface to perform authentication (membrane login), discover available actions (membrane action list), and execute requests (membrane action run and membrane request) against the Chatsonic service.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
- Ingestion points: External data enters the agent's context from the Chatsonic API responses when performing actions or sending proxy requests.
- Boundary markers: There are no explicit instructions or delimiters provided to the agent to distinguish between its primary instructions and the content retrieved from the external AI service.
- Capability inventory: The agent can execute system commands through the membrane CLI, which could be used to interact with other connected services if the agent is manipulated by external content.
- Sanitization: No sanitization, validation, or filtering of the external API responses is defined within the skill's instructions.
Audit Metadata