Security Audit
freshdesk-automation
github.com/sickn33/antigravity-awesome-skills
Trust Assessment
freshdesk-automation received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Skill allows arbitrary file upload via FRESHDESK_IMPORT_CONTACT, Unpinned external dependency on Rube MCP.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit e36d6fd3). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Skill allows arbitrary file upload via FRESHDESK_IMPORT_CONTACT: The `FRESHDESK_IMPORT_CONTACT` tool is designed for bulk importing contacts from a CSV file. However, if the AI agent has access to the local filesystem, a malicious prompt could instruct the agent to upload any sensitive file (e.g., configuration files, credentials, private keys) to Freshdesk via this tool, leading to data exfiltration. The skill documentation does not restrict the `file` parameter to specific types or locations, posing a significant risk if the agent's environment is not properly sandboxed. Recommendation: implement strict validation and sandboxing for file uploads. If possible, restrict the `file` parameter to only accept specific file types (e.g., `.csv`) and/or paths. Ensure the agent's environment prevents access to sensitive files or directories when using such tools. | LLM | SKILL.md:200 |
| MEDIUM | Unpinned external dependency on Rube MCP: The skill's manifest declares a dependency on the 'rube' MCP (`{"mcp": ["rube"]}`) without specifying a version. The skill documentation also refers to `https://rube.app/mcp`. This introduces a supply chain risk, as future updates to Rube MCP could introduce vulnerabilities or malicious code that would be automatically inherited by this skill without explicit review or version control. Recommendation: specify a precise version or a version range for the `rube` MCP dependency in the skill's manifest or configuration. Implement a mechanism to verify the integrity of external dependencies before deployment. | LLM | Manifest:1 |
Scan History
Powered by SkillShield