cold-email
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing untrusted data from external sources.\n- Ingestion points: Data is ingested from LinkedIn profiles and posts using Crustdata MCP tools and from general web searches for company research.\n- Boundary markers: The instructions do not define delimiters or include warnings to ignore instructions embedded within the fetched external data.\n- Capability inventory: The skill is capable of generating personalized outreach text based on the provided context.\n- Sanitization: No sanitization or validation of external content is performed before it is used in the email generation prompt.\n- [EXTERNAL_DOWNLOADS]: The skill utilizes external Crustdata MCP tools to gather intelligence on prospects and companies.
Audit Metadata