skills/membranedev/application-skills/botpenguin/Snyk

botpenguin

Warn

Audited by Snyk on May 6, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.85). The SKILL.md explicitly documents actions that retrieve chat conversations and inbox users from BotPenguin (e.g., "List Chats" / "list-chats" and "List Inbox Users"), which are untrusted, user-generated third-party contents the agent will read and that can influence subsequent actions via the Membrane action workflow.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 6, 2026, 03:20 AM

Issues

1

Security Audit — snyk — botpenguin