list-building

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to verify the presence of the EXTRUCT_API_TOKEN environment variable and provides instructions for the user to export it if missing.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to fetch live documentation from https://www.extruct.ai/docs at runtime to ensure local reference files are up to date.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests and processes untrusted data from multiple sources.
      ◦ Ingestion points: Data is read from local context files (claude-code-gtm/context/) and retrieved from external API responses (e.g., company_description from search results).
      ◦ Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious content embedded within the ingested data.
      ◦ Capability inventory: The skill has the capability to perform network requests to the vendor's API and documentation site, read local configuration files, and overwrite local reference files (references/discovery-api.md, references/search-filters.md).
      ◦ Sanitization: No evidence of sanitization or validation of the external content was found before it is used in subsequent logic or prompt construction.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 22, 2026, 02:42 PM