sales-call-review
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted user-provided call transcripts or descriptions. This content could contain malicious instructions designed to manipulate the coaching output.
- Ingestion points: Data enters via the transcript or call description input in SKILL.md.
- Boundary markers: The skill does not use delimiters or instructions to treat the transcript as untrusted data.
- Capability inventory: The agent generates scores, provides coaching recommendations, and drafts follow-up emails based on the input.
- Sanitization: There is no evidence of sanitization or validation of the ingested text.
- [PROMPT_INJECTION]: The skill implements a self-improvement mechanism where it reads from and appends to 'references/learnings.md'. This creates a risk where a malicious transcript could trick the agent into writing adversarial instructions to the learnings file, which would then be executed in future sessions.
Audit Metadata