pipeline-manager
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it processes external prospect data to drive internal logic. Ingestion points: The skill reads prospect information and signals from 'memory/pipeline.json'. Boundary markers: There are no instructions to use delimiters or ignore potentially malicious commands embedded in prospect fields. Capability inventory: The data influences automated routing, stage transitions, and triggers outreach tasks in 'outreach-sender'. Sanitization: No input validation or sanitization logic is specified for the signals detected by external tools.
- [NO_CODE]: This skill consists of instructions in markdown format and does not provide or execute its own script files or binaries.
Audit Metadata