account-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- Prompt Injection (SAFE): No direct injection markers or safety bypass attempts were found in the skill text.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file paths are present. The skill describes standard API-based integrations for CRM and enrichment tools.
- Unverifiable Dependencies (SAFE): No code is shipped with this skill; it consists entirely of markdown instructions.
- Indirect Prompt Injection (LOW): The skill ingests untrusted data from web searches and third-party tools to generate sales outreach suggestions. Ingestion points: External data from web search (Step 2), enrichment providers (Step 3), and CRM records (Step 4). Boundary markers: Absent; the agent is not instructed to treat external data as untrusted or use delimiters. Capability inventory: The skill uses ingested data to generate 'Opening Hooks' and 'Talking Points'. Sanitization: No validation or escaping of external content is described in the execution flow.
Audit Metadata