Deal Next Best Actions
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted data from external sources to generate its recommendations.
- Ingestion points: Untrusted data enters the context through CRM activity logs (get_deal_activities), web search results for company news (Layer 2), and meeting transcripts retrieved via RAG (Layer 3).
- Boundary markers: The skill does not employ explicit delimiters or instructions to separate the ingested data from its core operational instructions.
- Capability inventory: The agent uses crm and web_search capabilities to retrieve information and suggests multi-channel outreach actions.
- Sanitization: There is no evidence of sanitization or filtering of external content before it is used to ground the action recommendations.
Audit Metadata