cold-email
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The instructions focus exclusively on the persona of an expert cold email writer. There are no patterns suggesting attempts to bypass safety filters, ignore previous instructions, or extract system prompts.
- Data Exposure & Exfiltration (SAFE): No sensitive file paths, credentials, or network exfiltration patterns were detected. The skill references a local file
.claude/product-marketing-context.mdto gather marketing context, which is a standard pattern for context-aware agents and does not constitute unauthorized exposure. - Remote Code Execution & Dependencies (SAFE): The skill contains no code (Python, JavaScript, or Shell) and does not define any external packages in metadata or reference files.
- Obfuscation (SAFE): Content analysis found no Base64 encoding, zero-width characters, or homoglyph attacks. All text is clear and human-readable.
- Indirect Prompt Injection (SAFE): While the skill ingests user input to generate emails, it lacks any execution capabilities (such as file-writing or network access) that could be exploited via malicious data injection.
Audit Metadata