Renewal Reminder Drafter
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external CRM records which could potentially contain malicious instructions intended to manipulate the email output.
- Ingestion points: The skill uses `execute_action` to fetch deal, contact, activity, and task data from a CRM (SKILL.md, Data Gathering section).
- Boundary markers: The instructions do not define explicit delimiters or 'ignore' commands for the CRM-sourced data when generating the email body.
- Capability inventory: The skill possesses `crm` access for data retrieval and `email` capabilities for drafting and sending communications.
- Sanitization: There is no evidence of input validation or sanitization of the text retrieved from CRM fields before it is interpolated into the email prompt.
Audit Metadata