sales-avoma
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill implements a persistent state pattern where the agent reads from and writes to 'references/learnings.md' across different sessions. This creates a surface for indirect prompt injection.
- Ingestion points: The agent is instructed to read 'references/learnings.md' at the start of every invocation to retrieve 'accumulated knowledge'.
- Boundary markers: There are no delimiters or instructions to treat the contents of the learnings file as potentially untrusted data or to ignore embedded instructions.
- Capability inventory: The skill possesses orchestration capabilities, such as routing to other skills (e.g., '/sales-note-taker'), and provides guidance on utilizing APIs and webhooks.
- Sanitization: There is no mechanism described for validating or sanitizing the 'gotchas' or 'tips' before the agent appends them to the persistent storage.
- [EXTERNAL_DOWNLOADS]: The documentation includes instructions for the user to run 'npx skills add sales-skills/sales --skill sales-do'. This command fetches and executes code from the vendor's ('sales-skills') own ecosystem to install related tools and capabilities.
Audit Metadata