skills/membranedev/application-skills/helpcrunch/Snyk

helpcrunch

Warn

Audited by Snyk on Apr 29, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the agent uses Membrane actions to fetch and act on HelpCrunch data (e.g., "get-chat-messages", "get-chat", "HelpCrunch Article", "create-message"), which are user-generated/untrusted third-party messages/articles that the agent would read and could materially influence follow-up actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 29, 2026, 12:44 PM

Issues

1

Security Audit — snyk — helpcrunch