skills/vm0-ai/vm0-skills/make/Gen Agent Trust Hub

make

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed to manage the Make automation platform. All operations and instructions align with the platform's official API documentation and intended use cases.
  • [COMMAND_EXECUTION]: The skill uses common CLI tools such as curl for making network requests and jq for processing JSON responses. These are standard practices for API integration skills.
  • [CREDENTIALS_UNSAFE]: Authentication is handled using an environment variable (MAKE_TOKEN) with a placeholder for the user's actual token. This follows best practices for secret management and avoids hardcoded credentials.
  • [EXTERNAL_DOWNLOADS]: Network operations are directed towards official Make API domains (e.g., eu1.make.com, us1.make.com). These are recognized as legitimate service endpoints for the platform.
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection because it retrieves and processes data from an external API (such as scenario blueprints or data store records) which could be manipulated by external actors to influence the agent.
      • Ingestion points: API responses from make.com endpoints are read into the agent context via curl and jq.
      • Boundary markers: No specific delimiters or "ignore instructions" markers are used in the provided examples when processing API output.
      • Capability inventory: The agent can perform network requests (curl), write temporary files (/tmp), and execute subprocesses.
      • Sanitization: The skill does not implement explicit sanitization or validation of the data retrieved from the API before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 04:44 PM
Security Audit — agent-trust-hub — make