zapier
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes curl for API interactions, representing standard and documented usage for the service.\n- [EXTERNAL_DOWNLOADS]: Communication is restricted to actions.zapier.com, the official domain of Zapier, which is a well-known technology company and automation service.\n- [PROMPT_INJECTION]: The skill features an indirect prompt injection surface due to its natural language command interface for automation.\n
- Ingestion points: The instructions parameter in API request bodies within SKILL.md.\n
- Boundary markers: Delimiters are absent from the instruction templates.\n
- Capability inventory: Orchestrates actions across various connected third-party services via Zapier AI Actions.\n
- Sanitization: Input processing and safety checks are deferred to the Zapier AI Actions API.
Audit Metadata