freshdesk
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
curlto interact with the Freshdesk API and references azero doctorutility for connectivity diagnostics. - [DATA_EXFILTRATION]: Performs network operations targeting the well-known domain
freshdesk.comto manage support tickets and customer data. - [PROMPT_INJECTION]: The skill processes external data from Freshdesk (including ticket descriptions, conversation bodies, and solution articles in sections 1, 2, 7, 8, and 19), creating a surface for potential indirect prompt injection. No boundary markers or sanitization are implemented for this external content, which is processed in an environment with file-write and shell-execution capabilities.
Audit Metadata