list-building

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
Categories: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified.
      ◦ Ingestion points: Reads criteria and ICP data from claude-code-gtm/context/{company}_context.md and claude-code-gtm/context/{vertical-slug}/hypothesis_set.md.
      ◦ Boundary markers: No delimiters or isolation instructions are present to prevent content in these files from being interpreted as agent commands.
      ◦ Capability inventory: Performs network operations to api.extruct.ai and basic shell validation. No high-privilege system or file-write capabilities are used.
      ◦ Sanitization: Content from context files is interpolated directly into API query strings and Discovery criteria without filtering or validation.
  • [EXTERNAL_DOWNLOADS]: Fetches updated API documentation and endpoint specifications from the vendor's official site at extruct.ai. This is used for schema verification and local reference updates.
  • [COMMAND_EXECUTION]: Uses test and echo shell built-ins to verify that the EXTRUCT_API_TOKEN is set in the environment before making network requests.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 01:14 AM