hive
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package globally via the npm registry to enable communication with Hive.
- [COMMAND_EXECUTION]: The skill makes extensive use of the membrane CLI to execute actions, manage connections, and proxy raw HTTP requests to the Hive API.
- [PROMPT_INJECTION]: The skill processes untrusted data from Hive (tasks, notes, and comments) which could contain embedded instructions intended to influence the agent. Ingestion points: Data retrieved through 'membrane action run' and 'membrane request' commands. Boundary markers: Absent. Capability inventory: The skill can modify Hive data and perform network requests via the CLI. Sanitization: No sanitization of ingested Hive content is specified.
Audit Metadata