youzer
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-generated content from Youzer (such as wall posts, messages, and forum topics). This creates an attack surface for indirect prompt injection, where malicious instructions hidden in the retrieved data could attempt to influence the agent's behavior.
- Ingestion points: Data retrieved from the Youzer service via actions or requests (SKILL.md).
- Capability inventory: The skill has the capability to run actions and perform network requests via the `membrane` CLI (SKILL.md).
- Sanitization: The skill does not provide instructions for sanitizing or escaping the content retrieved from external sources.
- Boundary markers: There are no explicit instructions for using delimiters to separate external data from system instructions.
- [COMMAND_EXECUTION]: The skill relies on the execution of the `membrane` CLI tool to manage connections and interact with the Youzer API.
- Evidence: The instructions utilize commands such as `membrane action run` and `membrane request` to perform operations (SKILL.md).
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of an external command-line utility from the npm registry.
- Evidence: The setup instructions include `npm install -g @membranehq/cli` to install the vendor's CLI tool (SKILL.md).
Audit Metadata