zendesk
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill initiates network requests exclusively to the official Zendesk API at zendesk.com. Sensitive credentials such as the API token and agent email are correctly handled via environment variables, ensuring they are not hardcoded or exposed in the source code.- [COMMAND_EXECUTION]: Uses standard command-line tools (curl and jq) to perform REST API operations and process JSON data. These operations are limited to the intended functionality of the skill.- [PROMPT_INJECTION]: Because the skill fetches and displays content from Zendesk tickets, it contains a surface for indirect prompt injection.
- Ingestion points: ticket subjects and descriptions retrieved via curl in SKILL.md.
- Boundary markers: Not present in the command examples.
- Capability inventory: Restricted to network access (curl) and JSON parsing (jq).
- Sanitization: None present; the skill outputs raw data from the API to the agent context.
Audit Metadata