greenhouse-harvest
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill leverages the Membrane CLI to securely manage Greenhouse Harvest data. By using a centralized platform for authentication, it avoids the risks associated with hardcoded credentials or local secret storage.
- [EXTERNAL_DOWNLOADS]: The skill instructions include installing the '@membranehq/cli' package and using 'npx' to run vendor-provided tools. These resources are provided by the skill author and are necessary for the primary integration tasks.
- [COMMAND_EXECUTION]: Users are prompted to run 'membrane' CLI commands to perform searches, establish connections, and execute actions. These commands are used to interact with the Greenhouse Harvest API through the Membrane proxy and are consistent with the skill's purpose.
- [SAFE]: Potential for indirect prompt injection was evaluated. The skill ingests data from Greenhouse Harvest via API responses processed by the Membrane CLI. It does not contain any capabilities that would allow ingested data to execute unauthorized commands or access sensitive local files.
Audit Metadata