customer-io
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Executes shell commands using
curlto interact with Customer.io APIs. The instructions advise wrapping these commands inbash -cto ensure correct environment variable interpolation. - [COMMAND_EXECUTION]: Performs file write operations to
/tmp/cio_request.jsonto prepare JSON payloads for API requests. - [SAFE]: Secret management is handled correctly by referencing environment variables (
CUSTOMERIO_APP_TOKEN,CUSTOMERIO_SITE_ID,CUSTOMERIO_TRACK_TOKEN) instead of hardcoding sensitive credentials. - [SAFE]: Network activity is restricted to official Customer.io infrastructure (
cdp.customer.ioandapi.customer.io) as documented in the official service guidelines.
Audit Metadata