sales-zendesk
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFECREDENTIALS_UNSAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE]: The file
references/zendesk-api-reference.mdcontains example authentication credentials, including a specific token string6wiIBWbGkBMo1mRDMuVwkw1EPsNkeUj95PIz2akvand a Base64-encoded basic authentication headeramRvZUBleGFtcGxlLmNvbS90b2tlbjo2d2lJQldiR2tCTW8xbVJETXVWd2t3MUVQc05rZVVqOTVQSXoyYWt2. While presented as documentation examples with a placeholder email address, these represent hardcoded security strings. - [PROMPT_INJECTION]: The skill implements a knowledge-persistence feature that is susceptible to indirect prompt injection. In
SKILL.md, the agent is instructed to append new information discovered during conversations toreferences/learnings.md. - Ingestion points: Data from user interactions is processed and stored.
- Boundary markers: None identified in the storage instructions.
- Capability inventory: File-write access to
references/learnings.mdand read access during initialization. - Sanitization: The skill lacks validation or sanitization for appended content, allowing malicious instructions to be persisted in the knowledge base.
- [EXTERNAL_DOWNLOADS]: The
SKILL.mdfile recommends the installation of a related skill using the commandnpx skills add sales-skills/sales --skill sales-do. This involves downloading and executing code from the npm registry. The resource is associated with the vendor 'sales-skills'.
Audit Metadata