skills/danielmiessler/lifeos/Sales/Gen Agent Trust Hub

Sales

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute several shell commands for notification and logging purposes. Specifically, it uses curl to send a POST request to a local notification service (http://localhost:31337/notify) and uses echo to append execution metadata to a JSONL log file located at ~/.claude/PAI/MEMORY/SKILLS/execution.jsonl. It also executes a local TypeScript utility via bun run to generate visual assets using the art skill.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted product documentation. This content is summarized and then interpolated into prompts for other skills (StoryExplanation and Art) as well as into shell command arguments for logging. The absence of explicit boundary markers or sanitization steps in these templates creates a surface where malicious instructions embedded in the input documentation could potentially influence the agent's behavior or the generated output.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 03:33 PM
Security Audit — agent-trust-hub — Sales