news-signal-outreach
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface due to its core functionality of ingesting external, untrusted content to drive downstream agent actions.
- Ingestion points: Step 1 (Parse & Extract) fetches content from user-provided URLs (LinkedIn posts, news articles) or results from automated web searches.
- Boundary markers: Absent. The instructions do not define specific delimiters or instructions for the agent to treat fetched content as data rather than instructions.
- Capability inventory: The skill utilizes web-search, contact discovery tools (Apollo, LinkedIn, Clearbit), and outreach management platforms (Smartlead, Outreach.io).
- Sanitization: Absent. There is no evidence of sanitization or escaping of external content before it is processed by the LLM to identify connection angles or draft outreach emails.
- [NO_CODE]: The skill consists entirely of markdown instructions and YAML configuration, with no executable scripts or binary files included.
Audit Metadata