email-prompt-building
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection vulnerability surface.
  - Ingestion points: Data is read from multiple local files including sourcing_research.md and hypothesis_set.md.
  - Boundary markers: The instructions do not define delimiters or provide specific instructions to the agent to disregard potential instructions embedded within the ingested research content.
  - Capability inventory: The skill utilizes file system read and write capabilities within the claude-code-gtm workspace directory.
  - Sanitization: No input validation or sanitization is performed on the ingested content before it is synthesized into the output prompt template.
- [NO_CODE]: No executable script files (e.g., Python, Node.js, or Shell) were found in the skill; it relies entirely on markdown-based instructions and templates.
Audit Metadata