chmeetings
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/cliNode.js package. This is the official command-line interface for the Membrane platform, provided by the vendor. - [COMMAND_EXECUTION]: The skill utilizes the
membraneCLI to perform searches, manage connections, and execute actions against the ChMeetings API. All commands are standard for the platform's operation. - [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it retrieves data from external ChMeetings records (such as member notes or profile information) and incorporates it into the agent's context.
- Ingestion points: Output from
membrane action runandmembrane requestcommands inSKILL.md. - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands in the retrieved data.
- Capability inventory: The agent has the ability to execute shell commands via the
membraneCLI tool. - Sanitization: No sanitization or validation of the retrieved API data is performed before it is processed by the agent.
Audit Metadata