call-list
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from external sources (CRM and Email) which could contain adversarial instructions. Although this presents a surface for indirect prompt injection, the risk is mitigated by explicit approval gates.
- Ingestion points: CRM (via
~~crmplaceholder or CSV upload) and Email (~~почта) data streams. - Boundary markers: No specific delimiters or "ignore instructions" warnings are provided to separate the untrusted data from the skill's operational prompts.
- Capability inventory: The skill has access to
Bash,WebFetch, andReadtools. - Sanitization: No manual or automatic sanitization steps are defined for the ingested correspondence before it is processed for summaries or talking points.
Audit Metadata