product-hunt

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @membranehq/cli package from the NPM registry. This package is an official tool provided by the vendor ('membranedev') for platform interaction.
  • [COMMAND_EXECUTION]: Uses the membrane CLI to perform authentication, create connections, and run actions. These commands are part of the core functionality for integrating with the Membrane ecosystem.
  • [PROMPT_INJECTION]: The skill processes external content from Product Hunt (posts and comments), representing a potential surface for indirect prompt injection.
      • Ingestion points: Output from membrane action run commands as described in SKILL.md.
      • Boundary markers: None explicitly defined in the instructions.
      • Capability inventory: Execution of CLI commands through the membrane binary.
      • Sanitization: No explicit sanitization or validation of the ingested external data is mentioned.
  • [SAFE]: The integration emphasizes secure credential handling by using a centralized connection manager, which avoids the need for hardcoded API keys or manual token management by the user.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 12:59 AM