freshservice-automation
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill integrates with a remote MCP server hosted at https://rube.app/mcp, which serves as the provider for the Freshservice automation tools.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by ingesting untrusted data and having high-privilege capabilities.
- [PROMPT_INJECTION]: Ingestion points: Reads ticket subjects, descriptions, and other metadata via FRESHSERVICE_LIST_TICKETS and FRESHSERVICE_GET_TICKET tools.
- [PROMPT_INJECTION]: Boundary markers: No delimiters or instructions are provided to the agent to isolate external data from instructions.
- [PROMPT_INJECTION]: Capability inventory: Possesses tools for ticket modification (FRESHSERVICE_BULK_UPDATE_TICKETS) and outbound communication (FRESHSERVICE_CREATE_TICKET_OUTBOUND_EMAIL).
- [PROMPT_INJECTION]: Sanitization: No input validation or data sanitization mechanisms are described for the processed ticket data.
Audit Metadata