livekit
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation instructs the installation of the
@membranehq/cliNode.js package. This is an official command-line interface provided by the vendor (membrane) to facilitate integrations. - [COMMAND_EXECUTION]: The skill utilizes several
membraneCLI commands (e.g.,membrane login,membrane action run,membrane request) to manage connections and execute API operations. These commands are the core mechanism for the skill's functionality. - [DATA_EXFILTRATION]: The skill provides a proxying capability via
membrane requestto interact with the LiveKit API. This allows the agent to communicate with external endpoints through the vendor's infrastructure, which is the intended design for secure authentication and request routing in this environment. - [PROMPT_INJECTION]: The skill acts as an integration that processes data from the LiveKit API, introducing a potential surface for indirect prompt injection from external data sources.
- Ingestion points: Data enters the agent context through API responses from
membrane action runandmembrane request(SKILL.md). - Boundary markers: No specific boundary markers or instructions to ignore embedded commands in the API data are provided.
- Capability inventory: The agent can execute shell commands via the
membraneCLI and perform network operations through the vendor's proxy. - Sanitization: No explicit sanitization or validation of the external API content is mentioned.
Audit Metadata