Intercom Automation
Pass
Audited by Gen Agent Trust Hub on Jun 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is primarily instructional and configuration-based, defining workflows for the Intercom platform. It does not contain executable scripts or shell commands that pose a risk to the host environment.
- [DATA_EXPOSURE]: The skill defines templates that use placeholders such as
{{first_name}}and{{email}}. These are standard variables for personalization in customer support tools and do not involve unauthorized data access or exfiltration. - [INDIRECT_PROMPT_INJECTION]: As an automation tool for customer messaging, the skill naturally processes inbound user content.
- Ingestion points: Inbound customer messages and conversation context are processed to determine bot replies or routing.
- Boundary markers: None explicitly defined for variables like
{{first_name}}, though these are typical template variables. - Capability inventory: The skill uses
intercom_messageandintercom_conversationtools to interact with users. - Sanitization: No explicit sanitization logic is described, but the risk is consistent with standard support automation use cases and is generally mitigated by the platform's internal safeguards.
Audit Metadata