pp-freshservice
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires installing the freshservice-pp-cli tool using npx from the @mvanhorn/printing-press npm package.
- [COMMAND_EXECUTION]: Primary functionality is achieved by executing shell commands via the freshservice-pp-cli binary to interact with the Freshservice API.
- [DATA_EXFILTRATION]: The CLI tool provides a --deliver webhook: flag which allows command results to be transmitted to arbitrary remote HTTP endpoints.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests and processes untrusted data from Freshservice tickets and knowledge base articles.
- Ingestion points: Ticket subjects, descriptions, and KB article content retrieved via freshservice-pp-cli.
- Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the skill prompt.
- Capability inventory: The skill can execute various subcommands for CRUD operations on tickets, assets, and users.
- Sanitization: No sanitization or validation of the retrieved API content is performed before processing.
Audit Metadata