pipeline
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface identified.
- Ingestion points: The skill processes user-supplied company domains and contact emails within SKILL.md to trigger research and enrichment tools.
- Boundary markers: Absent. No explicit delimiters are defined in the instructions to isolate data retrieved from tools (e.g., enrich_company, list_findings) from the agent's logic.
- Capability inventory: The skill utilizes business research tools, conversation history retrieval, and content generation tools (email and call prep generation).
- Sanitization: The instructions do not specify any validation, escaping, or filtering of external data before it is used to generate strategy and messaging.
Audit Metadata