skills/jeremylongshore/claude-code-plugins-plus-skills/zapier-integration-helper/Gen Agent Trust Hub
zapier-integration-helper
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code Detected] (SAFE): The skill consists entirely of a markdown file (
SKILL.md) providing natural language instructions and metadata. No Python scripts, Node.js files, or Shell scripts are included. - [Category 8] Indirect Prompt Injection (LOW): The skill identifies itself as a helper for business automation, which involves processing external data.
- Ingestion points: Processes user-provided descriptions of Zapier workflows, email contents, and spreadsheet data.
- Boundary markers (absent): No specific delimiters or safety instructions are provided to the agent to distinguish between user instructions and data content.
- Capability inventory: The skill metadata requests access to
Read,Write,Edit, andBashtools. - Sanitization (absent): No sanitization or validation logic is described in the prompt to handle potentially malicious instructions embedded in automation data.
- [Category 7] Metadata Poisoning (SAFE): The metadata fields (name, author, description) are descriptive and consistent with the skill's stated purpose without containing hidden instructions.
Audit Metadata