ai-sdr
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of documentation and strategic guidance in Markdown format. It contains no executable scripts, automated tasks, or code files.
- [PROMPT_INJECTION]: The skill instructions define workflows for ingesting and processing untrusted external data, which creates a potential surface for indirect prompt injection.
  * Ingestion points: The agent is instructed to read prospect LinkedIn posts, company news, and email replies as described in SKILL.md and references/implementation-guide.md.
  * Boundary markers: No explicit delimiters or instructions to disregard embedded commands are included in the provided email or task templates to protect the agent from malicious instructions in external content.
  * Capability inventory: The agent is tasked with automated sentiment classification, email generation, and routing leads to CRM or Slack platforms, providing an automated path for injected instructions.
  * Sanitization: The deployment guidelines do not mention sanitization or validation of external content before it is processed by the agent.
Audit Metadata