openrouter
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the official @membranehq/cli package, which is a verified tool provided by the skill author.
- [PROMPT_INJECTION]: The skill manages data from external LLM sources via OpenRouter, creating a surface for potential indirect prompt injection.
- Ingestion points: Data from actions like "create-chat-completion" or "get-user-activity".
- Boundary markers: Not specified in the current instructions.
- Capability inventory: Execution of membrane CLI actions and proxy requests.
- Sanitization: Not explicitly implemented in the skill instructions.
Audit Metadata