content-engagement

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONNO_CODE
Full Analysis
  • [NO_CODE]: The skill contains only documentation and instructional text in markdown format without any accompanying executable scripts or configuration files.
  • [DATA_EXFILTRATION]: The skill instructions involve the transmission of prospect information (names, titles, LinkedIn URLs) and engagement metadata to third-party services, specifically trigify.io and Clay webhooks.
  • [PROMPT_INJECTION]: The skill is designed to process untrusted data from external sources, specifically LinkedIn comment text captured via Trigify. This creates a surface for indirect prompt injection attacks. 1. Ingestion points: LinkedIn comment text (as defined in the Trigify Captures section of SKILL.md). 2. Boundary markers: No delimiters or instructions to ignore embedded commands are specified for the processed content. 3. Capability inventory: The skill describes enriching data via Clay and routing it to communication tools like Slack. 4. Sanitization: No sanitization, validation, or escaping logic is documented for the ingested comment text.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 08:51 AM
Security Audit — agent-trust-hub — content-engagement