sales-zendesk

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFECREDENTIALS_UNSAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The file references/zendesk-api-reference.md contains example authentication credentials, including a specific token string 6wiIBWbGkBMo1mRDMuVwkw1EPsNkeUj95PIz2akv and a Base64-encoded basic authentication header amRvZUBleGFtcGxlLmNvbS90b2tlbjo2d2lJQldiR2tCTW8xbVJETXVWd2t3MUVQc05rZVVqOTVQSXoyYWt2. While presented as documentation examples with a placeholder email address, these represent hardcoded security strings.
  • [PROMPT_INJECTION]: The skill implements a knowledge-persistence feature that is susceptible to indirect prompt injection. In SKILL.md, the agent is instructed to append new information discovered during conversations to references/learnings.md.
  • Ingestion points: Data from user interactions is processed and stored.
  • Boundary markers: None identified in the storage instructions.
  • Capability inventory: File-write access to references/learnings.md and read access during initialization.
  • Sanitization: The skill lacks validation or sanitization for appended content, allowing malicious instructions to be persisted in the knowledge base.
  • [EXTERNAL_DOWNLOADS]: The SKILL.md file recommends the installation of a related skill using the command npx skills add sales-skills/sales --skill sales-do. This involves downloading and executing code from the npm registry. The resource is associated with the vendor 'sales-skills'.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 06:35 PM
Security Audit — agent-trust-hub — sales-zendesk