social-proof-injection
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by instructing the agent to incorporate external, potentially untrusted data (prospect inputs and testimonial database content) into its conversational output.
- Ingestion points: Prospect attributes such as stated_needs, pain_points, and objections_raised, as well as the content field from the social proof library (SKILL.md).
- Boundary markers: Absent; the provided Python snippets (e.g., format_testimonial) use direct string interpolation without delimiters or instructions to ignore embedded commands within the data.
- Capability inventory: The skill focuses on message construction and formatting logic for automated sales interactions.
- Sanitization: No sanitization, escaping, or validation of the external content is implemented or recommended in the provided implementation examples.
Audit Metadata