whaly
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the @membranehq/cli package from the npm registry, which is the official tool provided by the vendor for managing integrations.
- [COMMAND_EXECUTION]: Executes the
membranecommand-line utility to perform operational tasks such as authenticating, discovering connectors, and running integration actions. - [DATA_EXFILTRATION]: Transfers data between the user environment and the Whaly platform. The skill uses the Membrane proxy to handle these requests, ensuring that authentication headers and base URLs are managed securely by the platform.
- [PROMPT_INJECTION]: The skill processes data from the Whaly platform (dashboards, models, datasets). This creates an indirect prompt injection surface where untrusted data from the external service could influence the agent's logic.
- Ingestion points: Command output from
membrane action runandmembrane request. - Boundary markers: Not implemented; the agent processes raw output from the CLI.
- Capability inventory: Includes the ability to execute API requests and connector-specific actions via the
membraneCLI. - Sanitization: The instructions do not specify any sanitization or filtering of the data returned from Whaly.
Audit Metadata