Onboarding Check-in Drafter

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
Tags: PROMPT_INJECTION, NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection.
      - Ingestion points: The skill ingests untrusted data from the CRM via actions like get_deal, get_contact, and get_deal_activities defined in SKILL.md.
      - Boundary markers: Absent; the prompt instructions do not specify delimiters or warnings to ignore embedded instructions in the CRM data.
      - Capability inventory: The skill utilizes 'crm' (read access) and 'email' (drafting and sending access).
      - Sanitization: Absent; there is no explicit instruction to sanitize or escape CRM content before it is interpolated into the email drafts.
  • [NO_CODE]: The skill is defined entirely through markdown instructions and does not include any external scripts or executable files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 3, 2026, 11:37 AM