wallarm
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE; EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the vendor's command-line interface tool, @membranehq/cli, from the official NPM registry to facilitate communication with the Membrane platform.
- [COMMAND_EXECUTION]: Utilizes shell-based commands through the membrane binary to manage authentication, search for connectors, and run Wallarm actions.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface:
  1. Ingestion points: Wallarm security events, IP records, and user data (SKILL.md).
  2. Boundary markers: Not explicitly specified in the skill body.
  3. Capability inventory: Use of the membrane CLI to execute actions and requests.
  4. Sanitization: Validation is performed through Membrane's action schema definitions.
Audit Metadata