hotmart

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill uses the Membrane CLI to connect to Hotmart and run actions that read/list entities such as Forum posts, Comments, Blog Posts, Reviews and Support Tickets (user-generated Hotmart content), so the agent will ingest untrusted third‑party content from Hotmart that could influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill requires installing and running the Membrane CLI (npm install -g @membranehq/cli@latest — https://www.npmjs.com/package/@membranehq/cli), which fetches and executes remote code at runtime and is a required dependency for the skill.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly targets Hotmart, a commerce/payment platform, and lists financial entities and actions such as Payment, Transaction, Refund, Withdrawal, Balance, Invoice, Checkout, Subscription, Offer, Order, and Commission. It uses the Membrane CLI to discover and run connector actions (membrane action run ...) against a Hotmart connection; those actions can include executing payments/refunds/withdrawals or modifying balances. Because the integration is specifically designed to interact with Hotmart's payment/transaction functionality (not a generic browser or HTTP tool), it provides direct financial execution capability.