pagerduty-api
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (CRITICAL): Automated security scanning identified a phishing URL in 'references/resources/Teams.md', which constitutes a confirmed detection of malicious content. Additionally, the Automation Actions API ('references/schemas/Automation/AutomationActionsScriptActionDataReference.md') allows the creation and execution of arbitrary scripts on remote runners.
- Data Exposure & Exfiltration (HIGH): The Webhook Subscription API ('references/schemas/Webhook/WebhookSubscription.md') allows data to be sent to any arbitrary external URL via HTTP POST, creating a high risk of exfiltration for sensitive incident and account information.
- Indirect Prompt Injection (LOW): The skill presents a significant surface for indirect prompt injection attacks. Ingestion points: Untrusted data enters the agent context through 'listIncidents' and 'listIncidentNotes' operations ('references/operations/'). Boundary markers: The documentation does not specify the use of delimiters or 'ignore' instructions for data fetched from the API. Capability inventory: The skill includes powerful capabilities such as remote script execution and network-based webhook registration. Sanitization: There is no evidence of content sanitization or filtering before external data is processed by the model.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata