matterport
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
@membranehq/clito manage connections and execute API actions. This is the vendor's official command-line interface and is used here for its intended purpose.\n- [EXTERNAL_DOWNLOADS]: The instructions guide the installation of the@membranehq/clipackage from the NPM registry. This is a trusted dependency provided by the skill's author.\n- [PROMPT_INJECTION]: The skill processes data from external Matterport Spaces, which introduces a surface for indirect prompt injection.\n - Ingestion points: Data retrieved through the
membrane action runandmembrane requestcommands in the SKILL.md file.\n - Boundary markers: No explicit delimiters are used to wrap or isolate external Matterport content in the agent prompt.\n
- Capability inventory: The skill uses the
membraneCLI to perform network operations and execute pre-defined actions on the Matterport platform.\n - Sanitization: There is no documented sanitization or validation logic to filter potentially malicious instructions within Matterport data before it is processed by the agent.
Audit Metadata