freshservice-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill directs users to add
https://rube.app/mcpas an MCP server. This domain is not part of the trusted external sources list. Since MCP servers can execute logic on the host system, this represents an unverifiable remote dependency. - PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection due to its processing of Freshservice ticket content combined with powerful write capabilities. * Ingestion points: Ticket data retrieved via
FRESHSERVICE_LIST_TICKETSandFRESHSERVICE_GET_TICKET. * Boundary markers: None; there are no instructions to isolate or delimit untrusted ticket content. * Capability inventory: High-impact tools includingFRESHSERVICE_BULK_UPDATE_TICKETSandFRESHSERVICE_CREATE_TICKET_OUTBOUND_EMAIL. * Sanitization: None; the skill does not implement validation or escaping for ingested data before passing it to subsequent tools.
Audit Metadata