campaign-orchestrator
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill uses environment variables (DIALPAD_API_KEY, ATTIO_API_KEY, GOG_KEYRING_PASSWORD) for API authentication, which is the recommended practice for managing sensitive secrets in agent skills.
- [DATA_EXFILTRATION]: Network activity is confined to legitimate integration points with vendor-specific APIs (Dialpad, Attio) and a local webhook server. No unauthorized data transmission or suspicious network patterns were identified.
- [COMMAND_EXECUTION]: The skill utilizes local Python scripts for campaign logic and provides instructions for interacting with established CLI tools like
gog-shapescaleandattio. These operations are well-scoped to the skill's purpose. - [PROMPT_INJECTION]: The skill processes untrusted SMS content received via webhooks, which is stored in a local state file and displayed during status checks. This presents an indirect prompt injection surface typical of communication tools.
- Ingestion points:
webhook_handler.py(POST /) receives incoming message text from Dialpad webhooks. - Boundary markers: None present in the campaign state storage or CLI output displays.
- Capability inventory: The skill can execute local management scripts and call external communication tools (Dialpad, Gmail) and CRM APIs.
- Sanitization: No explicit sanitization or filtering of incoming message content was observed before it is stored in
campaigns.jsonor presented to the agent.
Audit Metadata