Skills
skills/sixtysecondsapp/use60/Deal Auto-Tagger/Gen Agent Trust Hub

Deal Auto-Tagger

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its processing of untrusted external content.
  • Ingestion points: Untrusted data enters the agent's context through meeting transcripts fetched via list_meetings and deal activities via get_deal_activities (SKILL.md).
  • Boundary markers: The skill lacks explicit delimiters or specific instructions to disregard malicious or manipulative content embedded within the meeting transcripts.
  • Capability inventory: The skill has the update_deal capability (SKILL.md), which provides write access to the CRM for applying tags.
  • Sanitization: There is no documented logic for sanitizing or filtering input from meeting transcripts before it is processed for tagging logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 11:37 AM