call-prep
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill is composed entirely of markdown instructions and metadata. No Python scripts, Node.js files, or other executable binaries were found.\n- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection (Category 8) because it processes data from untrusted external sources which could contain malicious instructions. \n
- Ingestion points: Web search results (Step 2), Email threads, and Chat discussions (Step 1). \n
- Boundary markers: Absent; the execution flow does not specify delimiters or instructions for the agent to ignore embedded commands within the retrieved data. \n
- Capability inventory: Access to CRM account history, email searching, and web research capabilities. \n
- Sanitization: Absent; the skill does not define any validation or filtering for the external content it retrieves.
Audit Metadata