talkjs
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the Membrane CLI tool (
@membranehq/cli) via npm. This is a standard practice for interacting with the Membrane platform and the package is maintained by the skill's authoring organization. - [COMMAND_EXECUTION]: The skill utilizes several CLI commands (
membrane login,membrane connect,membrane action run,membrane request) to interact with the TalkJS API. These commands are part of the intended functionality for managing chat data and workflows through the Membrane environment. - [DATA_EXFILTRATION]: While the skill facilitates data movement between the local environment and TalkJS, it does so through authenticated proxy requests. It explicitly instructs against collecting user credentials directly, instead leveraging Membrane's internal connection management to securely handle tokens.
- [INDIRECT_PROMPT_INJECTION]: The skill provides the ability to read and process data from TalkJS (conversations, messages). While this introduces an ingestion surface for untrusted external data, the skill acts as a bridge for the agent to perform specific actions and does not demonstrate unsafe interpolation of this data into executable contexts.
Audit Metadata