sales-awesomeindie
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions are purely informational and follow standard patterns for platform guidance. There are no attempts at prompt injection, obfuscation, or unauthorized data access.
- [EXTERNAL_DOWNLOADS]: The skill mentions installing an additional router skill from the same vendor (
sales-skills) using a standard platform command (npx skills add). This is a legitimate functional reference. - [DATA_EXPOSURE]: No sensitive files, environment variables, or hardcoded credentials are accessed or exposed.
- [INDIRECT_PROMPT_INJECTION]: The skill reads from and appends to a local
references/learnings.mdfile. While this represents an ingestion point for persistent data, the skill lacks dangerous capabilities (such as shell execution or network requests) that could be exploited through this vector, making the risk negligible. - Ingestion points:
references/learnings.md(Step 1 and Gotchas section). - Boundary markers: None present.
- Capability inventory: No subprocess calls, network operations, or dangerous file system writes identified.
- Sanitization: No explicit sanitization of learnings content.
Audit Metadata