cold-email-sequence-generator-skill

Fail

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: HIGH (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions in SKILL.md mandate the execution of a bash script located at scripts/variant-assigner.sh. This script is not provided within the skill package, leading to the execution of unverified and potentially malicious code.
  • [DATA_EXFILTRATION]: The skill workflow includes instructions to write session-specific metadata and telemetry to a hidden file in the user's home directory (~/.claude/skill-analytics/last-outcome-cold-email-sequence-generator.json), establishing an unauthorized tracking mechanism.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted user data to generate content without safety boundaries.
      • Ingestion points: Target audience and value proposition inputs in SKILL.md.
      • Boundary markers: Absent.
      • Capability inventory: Bash shell execution and file system write operations.
      • Sanitization: No evidence of input validation or escaping for the generated email templates.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 22, 2026, 06:50 PM