check-outreach-status
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses a local
.envfile to retrieve API tokens. These tokens are transmitted to vendor-owned infrastructure atcrm.psquared.devandnotifications.psquared.devto authenticate GraphQL and REST API requests. - [COMMAND_EXECUTION]: Uses the
curlutility to communicate with external APIs for data retrieval and draft creation. - [PROMPT_INJECTION]: Processes data from CRM records (such as contact names and company information) to populate email draft fields. This creates a surface for indirect prompt injection if the source CRM data is untrusted, though the impact is mitigated by the skill's specific purpose of preparing drafts for human review.
Audit Metadata