personize-code-pipelines

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from multiple sources (emails, CRM records, web research) and interpolates it into AI prompts. This creates a surface for indirect prompt injection.
  • Ingestion points: Inbound email bodies in pipelines/conversational/email-reply-handler.ts, CRM properties in pipelines/crm/hubspot-lead-review.ts, and web search results in pipelines/signals/account-monitor.ts.
  • Boundary markers: Prompts use markdown headers like ## Contact Context and ## Organizational Guidelines to delimit data from instructions.
  • Capability inventory: The skill can send emails (via Gmail/SendGrid), post to Slack channels, and update CRM records in HubSpot and Salesforce.
  • Sanitization: Employs zod for payload validation and stripQuotedReply in scaffold/lib/gmail.ts for cleaning email content.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 07:00 AM