feedback-tracker

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious instructions, obfuscation, or unauthorized behaviors were detected. The skill operates within its defined scope of tracking outreach metrics and updating local data files.
  • [COMMAND_EXECUTION]: The skill makes legitimate use of external communication tools (specifically Gmail via Composio) to verify if prospects have responded. This is a primary function of the skill and does not involve arbitrary command execution.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external message content to extract snippets and 'learnings'.
  • Ingestion points: Message data retrieved from external communication tools (Gmail/Composio) and stored in memory/outreach-feedback.jsonl.
  • Boundary markers: None specified for separating ingested message text from agent instructions.
  • Capability inventory: Permission to read and write to local project files (memory/) and interact with communication tool APIs.
  • Sanitization: The skill does not describe specific sanitization or filtering for the content of the replies it processes.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 04:54 AM
Security Audit — agent-trust-hub — feedback-tracker