Ops Integration Sync
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONNO_CODE
Full Analysis
- [NO_CODE]: The analyzed file contains only markdown instructions and configuration metadata; it does not ship with any executable scripts or source code.
- [DATA_EXFILTRATION]: The skill is designed to move potentially sensitive contact information, such as emails and phone numbers, to external well-known services (HubSpot, Attio, and Instantly). This behavior is documented as the primary intended function for the vendor 'SixtySecondsApp'.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface. 1. Ingestion points: Data enters the agent's context through the 'sync_ops_hubspot' action during 'pull' operations from external CRM records. 2. Boundary markers: The skill does not define delimiters or specific instructions to ignore embedded commands in the ingested data. 3. Capability inventory: The agent has the ability to write data to internal tables and initiate pushes to other integrated platforms (Instantly, Attio). 4. Sanitization: There is no evidence of content validation or sanitization for the data retrieved from external sources before it is processed.
Audit Metadata