cold_email

The skill 'cold_email' is provided entirely as a markdown file, which serves as a detailed instruction set for the AI to generate cold email sequences. It does not contain any executable code (e.g., shell scripts, Python, JavaScript), nor does it attempt to perform file system operations, network requests, or privilege escalation.

1. Prompt Injection: No patterns indicative of prompt injection (e.g., 'IMPORTANT: Ignore', 'Override', role-play for malicious purposes) were found in the instructions or metadata.
2. Data Exfiltration: As there is no executable code, the skill cannot access sensitive file paths or perform network operations to exfiltrate data.
3. Obfuscation: No obfuscated content (Base64, zero-width characters, homoglyphs, URL/hex/HTML encoding) was detected.
4. Unverifiable Dependencies: The skill references two external URLs in its 'Workflow' section: https://salesloft.com/resources/blog/email-deliverability-guide/ and https://www.lemlist.com/blog/cold-email-guide. These are informational links to reputable companies in the email marketing space. The skill does not attempt to download or execute any content from these sources. This is noted as an informational finding (LOW severity) but does not impact the overall SAFE verdict as it's purely a reference.
5. Privilege Escalation: No commands like sudo or chmod were found.
6. Persistence Mechanisms: No attempts to modify system configuration files or create persistence mechanisms were found.
7. Metadata Poisoning: The skill's name, description, and metadata tags are benign and accurately reflect its purpose.
8. Indirect Prompt Injection: While any AI skill that processes external user input could theoretically be susceptible to indirect prompt injection, this skill's primary function is to generate content based on its internal instructions, not to process untrusted external data in a way that would lead to this vulnerability within the skill itself.
9. Time-Delayed / Conditional Attacks: No conditional logic based on dates, times, usage, or environment variables was found.

Conclusion: The skill is purely instructional and does not contain any active components that could pose a security risk. It is categorized as a 'NO_CODE' skill, which inherently makes it safer.