sdr-outbound-rules
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill is composed entirely of markdown documentation. It contains no Python scripts, JavaScript files, shell commands, or other executable components.
- [PROMPT_INJECTION] (SAFE): Analysis of the text and example prompts reveals no attempts to override system instructions, bypass safety filters, or extract system prompts.
- [DATA_EXFILTRATION] (SAFE): There are no commands or code patterns present that could read sensitive files (e.g., SSH keys, credentials) or transmit data to external servers.
- [INDIRECT_PROMPT_INJECTION] (LOW): While the skill's purpose is to process and review user-provided email text (untrusted data), it possesses no 'write' or 'execute' capabilities. It cannot modify files, run subprocesses, or make network calls, meaning any injection in processed data is limited to influencing the agent's immediate textual response.
Audit Metadata