crm-maintenance
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, unauthorized access, or data exfiltration attempts were detected. The skill is verified to be functional and follows security best practices.
- [PROMPT_INJECTION]: The skill processes untrusted data from external sources, which is a potential surface for indirect prompt injection. Ingestion points: Emails (
~~почта) and calendar events (~~календарь) in SKILL.md. Boundary markers: None explicitly defined in instructions to separate data from system prompts. Capability inventory: The skill can create contacts and modify CRM deal fields (amount, close date, next step) via~~crm. Sanitization: The skill implements mandatory 'Approval Gates' (documented in SKILL.md and reference/cleanup-checklist.md) requiring manual user review and side-by-side comparison before any data is recorded, which is a robust mitigation for indirect prompt injection. - [DATA_EXFILTRATION]: No evidence of unauthorized data transmission was found. Data usage is restricted to the skill's primary functional scope.
Audit Metadata