zendesk
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the official
@membranehq/cliNode.js package, which is the vendor's tool for managing integration connections.\n- [COMMAND_EXECUTION]: Uses themembraneCLI for operational tasks, including authentication (membrane login) and executing predefined Zendesk actions (membrane action run).\n- [PROMPT_INJECTION]: The skill processes untrusted external data from Zendesk tickets and comments, which constitutes a standard indirect prompt injection surface.\n - Ingestion points: Ticket descriptions, comments, and user profiles retrieved from Zendesk.\n
- Boundary markers: None explicitly specified within the skill instructions.\n
- Capability inventory: Ability to perform authenticated API calls and proxy requests to Zendesk via the
membraneCLI.\n - Sanitization: No specific sanitization or filtering logic is mentioned for the ingested content.
Audit Metadata