diffbot

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation instructs the installation of the @membranehq/cli global package via npm. This is a vendor-owned utility used to manage the authentication lifecycle and facilitate communication with the Diffbot API.
  • [COMMAND_EXECUTION]: The skill utilizes shell-based interactions with the membrane CLI to perform various tasks, including membrane login, membrane search, membrane connect, and membrane action run. These commands are used to manage authentication and trigger data extraction workflows.
  • [PROMPT_INJECTION]: The skill has an inherent surface for indirect prompt injection because its core function is to extract and process data from external, untrusted web pages.
      ◦ Ingestion points: Data is ingested into the agent's context from external URLs via Diffbot's extraction tools (Articles, Products, Discussions, etc.).
      ◦ Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions to separate extracted data from agent instructions.
      ◦ Capability inventory: The skill allows the execution of arbitrary API requests via membrane request and pre-defined actions via membrane action run.
      ◦ Sanitization: No sanitization or validation logic is specified for the content extracted from third-party web pages before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 22, 2026, 05:57 AM