sequence-performance
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection through the ingestion of external user content.
- Ingestion points: In SKILL.md (Step 1), the skill pulls 'Reply Content' including sender information and the full reply body text from outreach platforms.
- Boundary markers: There are no explicit instructions or delimiters defined to isolate the untrusted reply text from the agent's core processing logic.
- Capability inventory: The skill has reporting and analysis capabilities and connects to other skills like 'email-drafting' and 'cold-email-outreach', allowing findings from untrusted data to influence future actions.
- Sanitization: No sanitization or validation logic for the ingested email content is specified in the skill instructions.
Audit Metadata