cold-email-personalizer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The analyzed files (README.md, SKILL.md) contain only documentation and metadata. No executable scripts, binaries, or code logic were found.
- [PROMPT_INJECTION] (LOW): Category 8 (Indirect Prompt Injection) risk identified. The skill is designed to ingest external 'prospect information' which could contain malicious instructions. Evidence Chain: 1. Ingestion: Untrusted potential customer information used for generation. 2. Boundaries: No delimiter or guardrail instructions visible in the metadata. 3. Capabilities: Limited to text generation (display/internal reasoning) based on the provided metadata. 4. Sanitization: No sanitization or validation logic is specified.
Audit Metadata