Copilot Proposal
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No direct instructions to bypass safety filters or override system constraints were detected. The skill presents an indirect prompt injection surface as it processes meeting transcripts and web search results. It uses direct quotes as boundary markers for external data and operates via platform-managed search and CRM actions (capability inventory), though no explicit sanitization is documented for the ingested text.
- [DATA_EXFILTRATION]: The skill accesses sensitive business information, including deal and contact details, via managed platform actions. No unauthorized external transmission or data leakage was found.
- [EXTERNAL_DOWNLOADS]: The skill performs web searches and utilizes external enrichment services (AI Ark and Apollo) to gather stakeholder and company intelligence. These are standard sales research operations.
- [COMMAND_EXECUTION]: No dangerous system-level commands, shell scripts, or subprocess executions are utilized within the skill scripts.
Audit Metadata