founder-sales

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill primarily consists of instructional content and strategic advice. Comprehensive scanning for obfuscation, malicious network operations, privilege escalation, and persistence mechanisms yielded no findings.
  • [PROMPT_INJECTION]: The skill defines a workflow for indirect data ingestion via research tools such as exa-company-research, exa-people-research, and exa-personal-site to identify prospect signals. While this introduces a surface for indirect prompt injection from external websites, the risk is inherent to the research use-case and the skill lacks dangerous executable capabilities.
  • Ingestion points: Tool invocations for external research specified in the 'Signal-Based Outreach' section of SKILL.md.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded prompts are defined for the fetched external content.
  • Capability inventory: The skill triggers other specialized skills including cold-email, sales-qualification, and structured-log.
  • Sanitization: No explicit validation or filtering logic is defined for data returned by the research tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 04:54 AM
Security Audit — agent-trust-hub — founder-sales