make-api-shell-connection-workflow
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use shell commands (e.g.,
curl) to interact with the Make REST API. This is the intended mechanism for automation and scenario management within the Make ecosystem. - [REMOTE_CODE_EXECUTION]: The skill's primary purpose is to provision, update, and execute Make scenarios. These scenarios run within the managed Make platform environment to perform SaaS data retrieval and operations.
- [CREDENTIALS_UNSAFE]: The skill adheres to secure credential management practices. It explicitly warns against requesting raw secrets from users and instead leverages Make's 'credential request' system. Placeholders like
YOUR_API_KEYare used in documentation. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and process data from external SaaS systems (emails, CRM, tickets).
- Ingestion points: Data enters the agent context through the response body of the app-specific API-call module (processed in
retrieval-execution.md). - Boundary markers: The instructions do not define specific boundary markers or 'ignore' instructions for the retrieved SaaS content.
- Capability inventory: The skill has the capability to create, patch, and execute scenarios via the Make API (
SKILL.md). - Sanitization: The skill mentions 'normalization' of data for user display but does not specify algorithmic sanitization or escaping of the raw SaaS payload.
Audit Metadata