twenty
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill interacts with 'api.twenty.com', which is the official API endpoint for the Twenty CRM service. This is a standard and expected operation for a CRM integration.
- [COMMAND_EXECUTION]: Employs 'curl' and 'jq' to perform REST and GraphQL queries. These commands are used for their intended purpose of data retrieval and formatting without any signs of command injection or malicious intent.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes data from external CRM records (notes, tasks, company names). This is a common property of tools that read external content.
- Ingestion points: API responses from 'api.twenty.com' containing user-generated CRM content (SKILL.md).
- Boundary markers: Not explicitly defined in the instructions.
- Capability inventory: Includes file writing to '/tmp' and network communication via 'curl' (SKILL.md).
- Sanitization: Not present in the provided instructions; relies on the agent's internal safety protocols.
Audit Metadata