botpress
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the official @membranehq/cli package from NPM, a necessary dependency for the integration.
- [COMMAND_EXECUTION]: Uses the membrane CLI to perform Botpress operations, such as listing users and running actions.
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. 1. Ingestion points: Botpress conversation and message data (SKILL.md). 2. Boundary markers: None specified. 3. Capability inventory: Command execution and API proxy requests via membrane CLI (SKILL.md). 4. Sanitization: Not explicitly documented.
- [SAFE]: Authentication is handled securely through the Membrane platform, preventing the exposure of API keys or tokens.
Audit Metadata