deal-momentum-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates as a legitimate business automation tool using standard integration patterns for CRM management and communication.
- [COMMAND_EXECUTION]: The skill uses scheduling tools such as CronCreate and launchd to maintain persistence for its daily analysis tasks, as explicitly defined in the workflow documentation for automated reporting.
- [PROMPT_INJECTION]: The skill processes untrusted data from external call transcripts and CRM notes, creating a surface for indirect prompt injection.
  1. Ingestion points: clari_get_call_summary, hubspot_get_deal, hubspot_get_company, and ask_agent (activity history).
  2. Boundary markers: Absent in the current instruction set.
  3. Capability inventory: gmail_create_draft, gcal_create_event, and ask_agent.
  4. Sanitization: No explicit content validation or sanitization of ingested transcripts is implemented before scoring or draft generation.
Audit Metadata