zenhub
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill suggests the installation of the @membranehq/cli package from the NPM registry. This package is the official tool from the skill's author and is used to manage integration and authentication with external services.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute various membrane CLI commands for authentication (membrane login), connection setup (membrane connect), and data management (membrane action run). These are legitimate uses of the tool for its intended purpose.
- [PROMPT_INJECTION]: The skill ingests data from ZenHub, creating a surface for indirect prompt injection. Ingestion points: ZenHub issues, board pipelines, and workspace metadata retrieved through CLI commands. Boundary markers: The instructions do not define any specific delimiters or instructions to ignore embedded commands in fetched data. Capability inventory: The skill possesses the capability to perform API requests and data modifications on ZenHub via the membrane CLI. Sanitization: No explicit data sanitization or validation procedures are outlined for processing retrieved ZenHub content.
Audit Metadata