there-there

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the there-there CLI to manage tickets, contacts, and channels. The commands are mapped to standard helpdesk operations such as listing, viewing, and replying to tickets.
  • [EXTERNAL_DOWNLOADS]: The skill instructions include installing the CLI via Composer from Spatie's official repository (composer global require spatie/there-there-cli). Spatie is a well-known and trusted organization in the software development community.
  • [PROMPT_INJECTION]: The skill processes untrusted content from ticket bodies and contact notes, which creates a surface for indirect prompt injection.
  • Ingestion points: Untrusted data enters the context via there-there show-ticket (message bodies) and there-there show-contact (contact notes).
  • Boundary markers: There are no explicit instructions to wrap ticket content in delimiters when the agent processes it.
  • Capability inventory: The agent has the capability to perform subprocess calls to the CLI for replying to tickets, forwarding content to email addresses, and changing ticket statuses.
  • Sanitization: The skill does not define specific sanitization or filtering logic for external ticket content, relying on the agent's default safety guidelines.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 08:42 AM
Security Audit — agent-trust-hub — there-there