Skills
skills/membranedev/application-skills/pubnub/Gen Agent Trust Hub

pubnub

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the membrane CLI to interact with PubNub, which involves running commands for authentication, searching for connectors, and executing actions.
  • [EXTERNAL_DOWNLOADS]: The skill directs the user to install the @membranehq/cli package from npm. This is the official command-line tool for the Membrane platform, which is the vendor for this skill.
  • [PROMPT_INJECTION]: The skill processes real-time data from PubNub, creating a surface for indirect prompt injection.
  • Ingestion points: External data enters the agent context via the output of membrane action run and membrane request commands in SKILL.md.
  • Boundary markers: No explicit delimiters or instructions are provided to the agent for handling the data output.
  • Capability inventory: The skill can perform state-changing actions on PubNub via membrane action run and arbitrary API requests via membrane request.
  • Sanitization: The skill delegates credential management to the Membrane platform, which uses server-side OAuth and token management to avoid exposing raw API keys.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 03:36 PM