sales-call-review
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data in the form of sales call transcripts or user-provided descriptions. This creates a surface for indirect prompt injection where an attacker could theoretically embed instructions in a transcript to influence the agent's analysis. However, the risk is negligible as the skill only performs text generation and lacks access to sensitive capabilities.
- Ingestion points: Transcript or call description provided by the user in SKILL.md (Step 1).
- Boundary markers: No explicit delimiters or boundary markers are used to isolate the untrusted input from the system instructions.
- Capability inventory: The skill is restricted to text analysis, scorecard generation, and drafting emails; it does not request or use tools for network operations, file system modification, or command execution.
- Sanitization: No input sanitization or validation logic is defined for the provided transcripts.
- [COMMAND_EXECUTION]: The documentation includes an npx command example for installing related skills. This is a standard installation pattern for the platform's ecosystem and points to the vendor's own repository (sales-skills/sales), which is consistent with the author's identity and does not represent a security risk.
Audit Metadata