Freshdesk
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent misunderstands a request or acts too broadly, it could modify or delete Freshdesk tickets, contacts, or related business records.
The documented Freshdesk actions include creating, updating, and deleting support/customer records, but the artifacts do not specify confirmation or scoping requirements before high-impact changes.
Create Ticket ... Update Ticket ... Delete Ticket ... Delete Contact
Require explicit user confirmation before create, update, or delete actions; show the connection, target record IDs, and intended changes before execution; use a least-privilege Freshdesk account where possible.
A returned instruction could steer the agent's workflow if treated as authoritative.
The skill allows remote service responses to provide procedural instructions to the agent, which is useful for setup but should not override the user's goal or safety constraints.
`clientAction.agentInstructions` (optional) — instructions for the AI agent on how to proceed programmatically.
Treat remote `agentInstructions` as untrusted guidance: follow them only when they align with the user's request and do not bypass confirmations or security policy.
The agent's effective Freshdesk access will match the privileges granted through Membrane and the connected Freshdesk account.
The integration depends on delegated account authentication and credential refresh, which is expected for Freshdesk access but gives the connected account's privileges to the workflow.
Membrane handles authentication and credentials refresh automatically
Connect only the intended Freshdesk account, prefer least-privilege roles, and revoke the Membrane connection when no longer needed.
Installing the CLI changes the local environment and runs code from the npm package distribution.
The skill asks for a global npm install using the moving `latest` tag; this is purpose-aligned but leaves behavior dependent on the currently published package version.
npm install -g @membranehq/cli@latest
Install from the trusted package source, consider pinning a reviewed version, and use an isolated environment if possible.
Freshdesk tickets, contacts, and related customer data may be processed through the Membrane service during use.
Freshdesk access is mediated through Membrane, so the data and credential boundary includes that third-party service as well as Freshdesk.
This skill uses the Membrane CLI to interact with Freshdesk. Membrane handles authentication and credentials refresh automatically
Verify the Membrane tenant, privacy expectations, and Freshdesk connection before using the skill with sensitive customer data.