campaign-orchestrator

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill uses environment variables (DIALPAD_API_KEY, ATTIO_API_KEY, GOG_KEYRING_PASSWORD) for API authentication, which is the recommended practice for managing sensitive secrets in agent skills.
  • [DATA_EXFILTRATION]: Network activity is confined to legitimate integration points with vendor-specific APIs (Dialpad, Attio) and a local webhook server. No unauthorized data transmission or suspicious network patterns were identified.
  • [COMMAND_EXECUTION]: The skill utilizes local Python scripts for campaign logic and provides instructions for interacting with established CLI tools like gog-shapescale and attio. These operations are well-scoped to the skill's purpose.
  • [PROMPT_INJECTION]: The skill processes untrusted SMS content received via webhooks, which is stored in a local state file and displayed during status checks. This presents an indirect prompt injection surface typical of communication tools.
  • Ingestion points: webhook_handler.py (POST /) receives incoming message text from Dialpad webhooks.
  • Boundary markers: None present in the campaign state storage or CLI output displays.
  • Capability inventory: The skill can execute local management scripts and call external communication tools (Dialpad, Gmail) and CRM APIs.
  • Sanitization: No explicit sanitization or filtering of incoming message content was observed before it is stored in campaigns.json or presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 07:15 PM
Security Audit — agent-trust-hub — campaign-orchestrator