zapier-workflows
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill consists exclusively of Markdown templates (mcp-patterns.md, zaps.md) and a license. No scripts, binaries, or active code are included.
- [DATA_EXFILTRATION] (SAFE): The references to webhooks and curl commands are illustrative templates with placeholders (e.g., [your-webhook-url]) rather than functional or hardcoded endpoints.
- [PROMPT_INJECTION] (LOW): The skill includes instructions for the agent to update its own reference files based on user input, which constitutes an indirect prompt injection surface. 1. Ingestion points: references/mcp-patterns.md and references/zaps.md. 2. Boundary markers: Absent. 3. Capability inventory: The agent is instructed to use an Edit tool to update these files. 4. Sanitization: None identified; the agent is directed to update based on user teaching.
Audit Metadata