Deal Slippage Diagnosis
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill utilizes standard platform actions (
get_pipeline_deals,get_deal,get_deal_activities) to perform data operations, ensuring actions are contained within the agent's authorized capability scope.\n- [SAFE]: No evidence of hardcoded credentials, obfuscated instructions, or unauthorized network communication to external domains was found.\n- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection due to its analysis of untrusted external data.\n - Ingestion points: The skill fetches and analyzes CRM activity notes and meeting transcripts to detect competitive mentions and other risk signals (referenced in Signal 14 of slippage-signals.md).\n
- Boundary markers: Explicit delimiters or 'ignore' instructions for the interpolated CRM data are not specified in the skill logic.\n
- Capability inventory: The skill has
crm(read) andtasks(preview/create) capabilities, allowing it to generate prioritized rescue plans and task previews based on analyzed data.\n - Sanitization: There is no documented mechanism for sanitizing or filtering instructions that might be embedded within the CRM notes or transcripts.
Audit Metadata