chatbot-builder
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The instructions guide the user to install the
@membranehq/clipackage from the NPM registry. This is the official CLI for the platform and is a trusted vendor resource. - [COMMAND_EXECUTION]: The skill uses
membraneCLI commands to manage connections and trigger API actions. While user-provided input is used in some commands (like action intents), this is consistent with the skill's purpose as a developer integration tool. - [PROMPT_INJECTION]: The skill interacts with external data from the Chatbot Builder API, creating a surface for indirect prompt injection. \n
- Ingestion points: Data enters the agent's context through output from
membrane action runandmembrane requestcalls. \n - Boundary markers: There are no explicit instructions to use delimiters or ignore embedded commands in retrieved data. \n
- Capability inventory: The skill can perform state-changing actions such as sending messages and creating contacts. \n
- Sanitization: No specific data sanitization or validation processes are described for the API responses.
Audit Metadata