Trust Assessment
zendesk received a trust score of 86/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via Unsanitized URL Parameters.
The analysis covered 4 layers: dependency_graph, manifest_analysis, llm_behavioral_safety, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit 0676c56a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential Command Injection via Unsanitized URL Parameters The skill's example `curl` commands directly interpolate placeholders like `TICKET_ID`, `ORG_ID`, `USER_ID`, and parts of search queries into double-quoted strings within shell commands. In bash, command substitution (`$(command)`) is performed even within double quotes. If an LLM or user substitutes these placeholders with untrusted input containing shell metacharacters (e.g., `$(evil_command)`), it could lead to arbitrary command execution on the host system. While one example (`ACCOUNT_NAME` on line 109) correctly demonstrates URL encoding using `jq -sRr @uri`, this sanitization is missing from most other examples where user-controlled input would typically be used. All parameters derived from untrusted input (e.g., `TICKET_ID`, `ORG_ID`, `USER_ID`, and components of search queries) must be properly URL-encoded before being inserted into `curl` commands. The skill should consistently demonstrate this sanitization, for example, by using `$(echo "$USER_INPUT" | jq -sRr @uri)` for all such variables. | Unknown | SKILL.md:36 |