sales-balto

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a persistent knowledge loop by reading from and writing to 'references/learnings.md'. This creates a surface for indirect prompt injection.
      • Ingestion points: The agent reads 'references/learnings.md' at the start of the session and processes user-provided tips.
      • Boundary markers: There are no delimiters or instructions to treat the stored learnings as untrusted content.
      • Capability inventory: The skill has the ability to append to files and route to other skills via commands like '/sales-coaching'.
      • Sanitization: No input validation or sanitization is performed on the 'gotchas' or 'tips' before they are appended to the learnings file.
  • [COMMAND_EXECUTION]: The documentation references an 'npx' command for installing related skills. This is a standard administrative task for the platform and utilizes resources belonging to the vendor 'sales-skills'.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 06:34 PM