snatchbot
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This is the official command-line utility for the vendor's platform. - [COMMAND_EXECUTION]: The instructions utilize the
membraneCLI to perform operations such aslogin,search,connect, andaction run. These commands are used for managing the lifecycle of the integration and executing bot-related tasks. - [DATA_EXFILTRATION]: The skill describes using
membrane requestto send data to the SnatchBot API. This functionality is mediated by the vendor's proxy which handles authentication headers and connection management securely. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from external sources.
- Ingestion points: Data enters the agent's context through
membrane action runandmembrane requestwhich fetch bot interactions and content from SnatchBot (SKILL.md). - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for the processed content.
- Capability inventory: The skill has the capability to perform network operations and execute platform actions via the
membraneCLI (SKILL.md). - Sanitization: No specific sanitization or filtering of the retrieved chatbot data is described in the provided instructions.
Audit Metadata