outbound-prospecting-engine
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external platforms to influence its output.
- Ingestion points: Data is pulled from external job postings, LinkedIn posts, and event attendee lists (SKILL.md Step 1 and 2).
- Boundary markers: The playbook does not define clear delimiters or include instructions to disregard potential commands embedded in the scraped data.
- Capability inventory: The agent is instructed to generate personalized messages and execute email campaigns (SKILL.md Steps 6 and 7), providing a path for injected instructions to reach external recipients.
- Sanitization: No sanitization or validation of the external content is described before it is interpolated into the personalization step.
- [EXTERNAL_DOWNLOADS]: The skill package is fetched using a package manager command.
- Evidence: The
skill.meta.jsonfile defines an installation commandnpx goose-skills install outbound-prospecting-enginewhich downloads the skill from a remote registry.
Audit Metadata