pipeline-manager

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it processes external prospect data to drive internal logic. Ingestion points: The skill reads prospect information and signals from 'memory/pipeline.json'. Boundary markers: There are no instructions to use delimiters or ignore potentially malicious commands embedded in prospect fields. Capability inventory: The data influences automated routing, stage transitions, and triggers outreach tasks in 'outreach-sender'. Sanitization: No input validation or sanitization logic is specified for the signals detected by external tools.
  • [NO_CODE]: This skill consists of instructions in markdown format and does not provide or execute its own script files or binaries.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 04:54 AM
Security Audit — agent-trust-hub — pipeline-manager