wachete
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage. This is the official command-line interface for the Membrane platform, consistent with the vendor's provided infrastructure. - [COMMAND_EXECUTION]: Uses the
membraneCLI for managing connections and executing actions. All commands are limited to the intended integration scope with the Wachete service. - [DATA_EXFILTRATION]: Authentication is handled server-side by Membrane. The skill does not access local sensitive files or hardcode credentials, reducing the risk of accidental exposure.
- [PROMPT_INJECTION]: The skill processes data from external web pages tracked by Wachete (Ingestion point: SKILL.md). While no explicit boundary markers or sanitization logic are defined in the instructions, this is a common surface for indirect prompt injection inherent to web-monitoring tools. (Capability inventory:
membrane action run,membrane requestin SKILL.md).
Audit Metadata