meddpicc-post-call

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
    • Ingestion points: Untrusted data enters the agent context via meeting transcripts (get_meeting_transcript), Gmail threads (gmail_read_thread), and CRM note bodies (get-note-body).
    • Boundary markers: The instructions do not require the use of delimiters or boundary markers when processing these external data sources, increasing the risk that embedded instructions could be followed.
    • Capability inventory: The skill possesses write capabilities including updating records (update-record), creating notes (create-note), and creating tasks (create-task) in the Attio CRM.
    • Sanitization: There is no instruction to sanitize or validate the content extracted from transcripts or emails before it is used to populate CRM fields or tasks.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 06:20 AM