sales-cdp
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes 'references/learnings.md' to store knowledge across sessions, creating a surface for indirect prompt injection where previous outputs could influence future agent actions.
- Ingestion points: 'references/learnings.md' is read during the context-gathering phase.
- Boundary markers: The content is read into the context without delimiters or instructions to isolate the data.
- Capability inventory: The skill performs file read and write operations and provides routing to multiple platform-specific skills.
- Sanitization: No validation or sanitization is applied to the content read from the learnings file.
- [EXTERNAL_DOWNLOADS]: The skill mentions the installation of the 'sales-skills/sales' package via npx. This is a vendor-owned resource originating from the skill author's infrastructure.
Audit Metadata