Skills
skills/sixtysecondsapp/use60/Battlecard/Gen Agent Trust Hub

Battlecard

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a potential vulnerability to indirect prompt injection.
  • Ingestion points: The skill ingests untrusted data from web search results (Layer 2) and historical meeting transcripts via RAG (Layer 3) as described in SKILL.md.
  • Boundary markers: Absent. There are no instructions to use specific delimiters (e.g., XML tags) or protective 'ignore instructions' prefixes when processing external content.
  • Capability inventory: The skill utilizes execute_action for CRM data access (get_deal, get_deal_contacts, get_deal_activities) and performs web searches.
  • Sanitization: Absent. The instructions do not mention filtering, validation, or sanitization of ingested data before synthesis.
  • [NO_CODE]: The skill is composed entirely of markdown-based instructions and reference guides; it does not contain any Python, JavaScript, or other executable script files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 11:37 AM