helpdesk-automation

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the user to configure an external MCP server endpoint at https://rube.app/mcp. This server is used to broker tool calls and connections to the HelpDesk provider.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external ticketing systems.
      ◦ Ingestion points: Data retrieved from HELPDESK_LIST_TICKETS (ticket bodies and subjects) and HELPDESK_LIST_CANNED_RESPONSES (template content) enters the agent's context.
      ◦ Boundary markers: The skill instructions do not specify any delimiters or safety markers to differentiate between system instructions and ticket content.
      ◦ Capability inventory: The current toolkit configuration focuses on read-only operations (listing tickets, viewing custom fields), which limits the impact of potential injections.
      ◦ Sanitization: There is no evidence of content sanitization or validation of the retrieved ticket data before it is presented to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 07:55 AM