outbound-sequences

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection due to its reliance on external research.
  • Ingestion points: The 'Research Sources' section in SKILL.md and the 'research_sources' section in resources/response-playbook.yaml instruct the agent to gather data from external, attacker-controllable sources such as LinkedIn posts, company news, and G2 reviews.
  • Boundary markers: Absent. The templates in resources/email-outreach.md and resources/linkedin-outreach.md interpolate variables like {{trigger}} and {{specific_observation}} directly into messages without delimiters or 'ignore embedded instructions' warnings.
  • Capability inventory: According to SKILL.md, the agent is granted 'Read', 'Write', 'Edit', and 'WebSearch' tools. While primarily intended for outreach, these tools could be abused if an attacker places malicious instructions in a prospect's public profile.
  • Sanitization: Absent. There is no logic provided to sanitize or validate the content retrieved via web research before it is processed by the LLM.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 03:51 PM