yc-cold-outreach
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes user-provided email drafts which are considered untrusted data. However, the skill has no associated tools or side-effect capabilities (such as file writing, network requests, or shell execution), meaning any potential injection is confined to the agent's textual output.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external packages or remote code patterns were detected; the skill is comprised solely of markdown documentation.
- [Data Exposure & Exfiltration] (SAFE): There are no instructions or scripts designed to access sensitive credentials or communicate with external servers.
- [Prompt Injection] (SAFE): The instructions are focused on the stated task and do not contain attempts to bypass model safety filters or override system prompts.
Audit Metadata