Gorgias Automation
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill requires connecting to an external Model Context Protocol (MCP) server at 'https://rube.app/mcp'. This domain is not among the predefined trusted providers, meaning the logic and security of the remote server are unverifiable.
- COMMAND_EXECUTION (MEDIUM): The skill provides tools with high-privilege capabilities such as merging customer records, modifying account data, and updating ticket statuses. These could be misused if the agent is compromised or coerced.
- PROMPT_INJECTION (LOW): High surface area for indirect prompt injection via the 'GORGIAS_LIST_TICKETS' and 'GORGIAS_GET_TICKET' tools. Attackers could place malicious instructions in ticket bodies that the agent might execute while processing them. Evidence: ingestion points (GORGIAS_LIST_TICKETS); boundary markers (absent); capability inventory (GORGIAS_UPDATE_TICKET, GORGIAS_MERGE_CUSTOMERS); sanitization (absent).
- DATA_EXFILTRATION (LOW): The tools access sensitive Personally Identifiable Information (PII) including names, emails, and addresses. While no explicit malicious exfiltration is present, the data flows through the third-party 'rube.app' service.
Audit Metadata