intercom
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [UNVERIFIABLE_DEPENDENCIES]: The skill references the
@membranehq/clipackage for installation. This is the official tool provided by the author's platform (Membrane) to facilitate secure connections and action execution, and its use is consistent with the skill's intended functionality. - [INDIRECT_PROMPT_INJECTION]: The skill acts as an interface for Intercom data, which involves ingesting untrusted external content like customer messages and articles. This is a known surface for indirect prompt injection.
- Ingestion points: Intercom API data (conversations, users, articles) accessed via
membranecommands inSKILL.md. - Boundary markers: None explicitly defined in the skill instructions.
- Capability inventory: Uses
membrane action runandmembrane requestfor data modification and API interaction inSKILL.md. - Sanitization: Relies on the Membrane platform's pre-built actions to handle data safely, which is a recommended mitigation strategy for this integration type.
Audit Metadata