sales-revenue
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill describes a multi-agent architecture that is susceptible to indirect prompt injection.
- Ingestion points:
reference/outreach.mdspecifies that the 'RESEARCHER' agent collects intelligence from company domains and LinkedIn, and the 'ANALYZER' agent processes incoming email reply text. - Boundary markers: Absent; the instructions do not define delimiters or specific 'ignore' directives to isolate untrusted data from the agent's core instructions.
- Capability inventory:
reference/outreach.mdmentions the use of browser automation (Playwright) and integrations with various sales APIs (Apollo, Hunter.io) and CRM platforms. - Sanitization: Absent; no logic is provided for sanitizing or validating the data scraped from external sites or received via email.
- [SAFE]: The skill's use of external services like Salesforce, HubSpot, Clearbit, and LinkedIn is transparent and consistent with its stated purpose as a B2B sales tool.
Audit Metadata