personalization-at-scale
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its external research capabilities.
- Ingestion points: The skill instructs the agent to research external sources including LinkedIn activity, company news, blog posts, and podcast appearances (documented in SKILL.md under Research Sources).
- Boundary markers: The instructions do not define delimiters or provide clear guidelines for the agent to ignore potentially malicious instructions embedded within the fetched external data.
- Capability inventory: The skill requires the agent to perform network-based research to gather information and generate personalized outreach messages.
- Sanitization: There are no mechanisms described for sanitizing or validating the content retrieved from external websites before it is processed by the agent.
Audit Metadata