Skills
skills/sales-skills/sales/sales-callminer/Gen Agent Trust Hub

sales-callminer

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill documents an npx command for installing a related tool from the same vendor (sales-skills/sales).
  • [EXTERNAL_DOWNLOADS]: The skill references multiple external domains for API documentation and platform guidance, such as developer.callminer.com and macrosoftinc.com. These references are used for information retrieval.
  • [PROMPT_INJECTION]: The skill utilizes a references/learnings.md file to store and retrieve persistent knowledge, which creates a surface for indirect prompt injection.
  • Ingestion points: Data is ingested from user queries and the references/learnings.md file.
  • Boundary markers: There are no boundary markers or delimiters used when interpolating user data or file content into the prompt.
  • Capability inventory: The skill is designed to append new information to the references/learnings.md file based on interactions.
  • Sanitization: No sanitization is performed on the content written to the knowledge base or the input processed from it.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 07:03 PM