Skills
skills/vm0-ai/vm0-skills/productlane/Gen Agent Trust Hub

productlane

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: Uses curl to interact with productlane.com APIs, which is the intended and documented purpose of the skill. Payloads are temporarily stored in /tmp/productlane_request.json before transmission.
  • [EXTERNAL_DOWNLOADS]: Fetches configuration and data from productlane.com and productlane.mintlify.dev. These are official service domains.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes feedback and documentation from external API responses.
  • Ingestion points: API responses from productlane.com containing user-provided feedback and article content (SKILL.md).
  • Boundary markers: None specified in the instructions.
  • Capability inventory: File system write access (/tmp/productlane_request.json), network access (curl).
  • Sanitization: The instructions do not define sanitization procedures for external content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 04:44 PM