Skills
skills/membranedev/application-skills/whatsapp/Gen Agent Trust Hub

whatsapp

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the @membranehq/cli package via npm. This is a trusted resource provided by the skill's author ('membranedev').
  • [COMMAND_EXECUTION]: Uses the membrane CLI to execute actions (membrane action run) and make API requests (membrane request). This is the primary intended functionality of the integration.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes external messaging data.
  • Ingestion points: WhatsApp messages, statuses, and business profile information (identified in SKILL.md).
  • Boundary markers: Not present; the skill does not define specific delimiters to separate user data from instructions.
  • Capability inventory: The skill can send multiple message types, update business profiles, and mark messages as read via the CLI (identified in SKILL.md).
  • Sanitization: No explicit sanitization or validation of the incoming message content is implemented within the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 10:44 AM