Slack Coaching Query

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted user input from Slack messages to generate sales coaching advice.
  • Ingestion points: The raw_query and objection_type inputs take text directly from Slack messages as seen in the triggers and input configuration.
  • Boundary markers: There are no explicit delimiters or instructions within the Claude Haiku system prompt to ignore instructions potentially embedded within the user's objection description.
  • Capability inventory: The skill has crm capabilities used to fetch pipeline snapshots, deal lists, risk scores, and meeting data via execute_action.
  • Sanitization: No validation or sanitization of the user-provided text is performed before it is used in the AI prompt or included in the Slack Block Kit output.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 11:38 AM