Skills
skills/extruct-ai/gtm-cowork-skills/deal-intelligence/Gen Agent Trust Hub

deal-intelligence

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill transmits company domains to api.extruct.ai to perform signal monitoring and enrichment. This is a vendor-owned resource (extruct-ai) and is consistent with the skill's purpose.
  • [PROMPT_INJECTION]: The skill processes untrusted data from Gmail and Granola to automate record creation in Attio CRM and file writes in the local revops/customers/ directory. This creates a surface for indirect prompt injection, as the skill lacks explicit boundary markers or sanitization to prevent the agent from following instructions embedded in emails or notes.
  • Ingestion points: Fetches data from gmail_search_messages and query_granola_meetings (SKILL.md).
  • Boundary markers: None present to isolate external content.
  • Capability inventory: Capabilities include create-record, upsert-record, and create-note in Attio CRM, as well as local file persistence in revops/customers/ (SKILL.md).
  • Sanitization: No sanitization or validation logic is applied to the content retrieved from external communication sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 06:20 AM