founder-sales
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill content is educational and instructional, focusing on founder-led sales strategies. No executable code or suspicious system commands are present.- [PROMPT_INJECTION]: The signal-based outreach workflow uses search tools (exa-company-research, exa-people-research, etc.) to gather information from external websites like LinkedIn and X. This represents a potential surface for indirect prompt injection if an attacker embeds instructions in their public profiles or posts.
- Ingestion points: SKILL.md workflow steps 1 and 3 retrieve external data via research tools.
- Boundary markers: No specific delimiters or instructions are provided to the agent to treat external search results as untrusted data.
- Capability inventory: The agent uses retrieved data to generate email content (cold-email) and record logs (structured-log). No shell execution or file-system writing capabilities are involved in this specific workflow.
- Sanitization: The skill relies on the agent's default safety filtering for external content.
Audit Metadata