champion-identifier-skill
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted external data from LinkedIn profiles and target accounts to identify champion candidates, creating a surface for indirect prompt injection.
- Ingestion points: External LinkedIn profiles and company data are processed in the workflow.
- Boundary markers: Absent; no delimiters or instructions to ignore instructions embedded in the external data are present.
- Capability inventory: The skill has minimal impact potential as it lacks network exfiltration or system administration tools.
- Sanitization: Absent; no validation or filtering of input data is defined.
- [COMMAND_EXECUTION]: The skill instructs the agent to perform an automated file-write operation to a hidden local directory (
~/.claude/skill-analytics/) to store analytics and outcome metrics in JSON format.
Audit Metadata