freshdesk-automation
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious code, hardcoded credentials, or data exfiltration patterns were detected in the skill instructions.
- [EXTERNAL_DOWNLOADS]: The skill requires the configuration of an external MCP server at
https://rube.app/mcp. This is a standard setup procedure for this integration. - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it handles untrusted data from Freshdesk tickets and customer profiles.
- Ingestion points: Ticket descriptions and bodies (
FRESHDESK_CREATE_TICKET,FRESHDESK_VIEW_TICKET), contact information (FRESHDESK_SEARCH_CONTACTS), and note content. - Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when processing these data fields.
- Capability inventory: The agent can create/update tickets, add notes, and manage contact/company records via the Freshdesk API.
- Sanitization: There are no instructions for validating or escaping content retrieved from Freshdesk before it is processed by the agent.
Audit Metadata