lettria
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the Membrane CLI (@membranehq/cli) from the official npm registry. This tool is the primary interface for managing connections and executing actions within the Membrane ecosystem.
- [COMMAND_EXECUTION]: Integration is performed via shell commands using the membrane executable. These commands facilitate account authentication, discovery of Lettria actions, and execution of text analysis workflows.
- [PROMPT_INJECTION]: As a text analysis tool, the skill is designed to process data from external sources like social media and customer feedback. This creates a potential surface for indirect prompt injection.
- Ingestion points: Processes results from document analysis, sentiment extraction, and summarization tasks.
- Boundary markers: No specific delimiters or ignore instructions are defined for processing the ingested text.
- Capability inventory: The skill can execute actions and make proxy requests via the membrane CLI.
- Sanitization: No explicit sanitization or filtering of the analyzed text is mentioned.
Audit Metadata