content-engagement
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill contains only documentation and instructional text in markdown format without any accompanying executable scripts or configuration files.
- [DATA_EXFILTRATION]: The skill instructions involve the transmission of prospect information (names, titles, LinkedIn URLs) and engagement metadata to third-party services, specifically trigify.io and Clay webhooks.
- [PROMPT_INJECTION]: The skill is designed to process untrusted data from external sources, specifically LinkedIn comment text captured via Trigify. This creates a surface for indirect prompt injection attacks. 1. Ingestion points: LinkedIn comment text (as defined in the Trigify Captures section of SKILL.md). 2. Boundary markers: No delimiters or instructions to ignore embedded commands are specified for the processed content. 3. Capability inventory: The skill describes enriching data via Clay and routing it to communication tools like Slack. 4. Sanitization: No sanitization, validation, or escaping logic is documented for the ingested comment text.
Audit Metadata