sales-char
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill includes instructions to update 'references/learnings.md' with new information discovered during interactions. This creates an indirect prompt injection surface where data from meeting transcripts or external sources could be persisted into the agent's long-term context.
- Ingestion points: Meeting transcripts and user-provided context via the Char platform guide.
- Boundary markers: No specific delimiters or safety instructions are defined for the learning persistence process.
- Capability inventory: Write access to 'references/learnings.md' via the agent's file system tools.
- Sanitization: No explicit sanitization or validation logic is provided for the content being appended to the learnings file.
- [EXTERNAL_DOWNLOADS]: The skill references several external resources, including the official Char website (char.com) and its GitHub repository (github.com/fastrepl/char). It also provides instructions for installing related skills from the same author using 'npx'. These are legitimate references intended to help the user manage the platform.
- [NO_CODE]: The skill contains no executable scripts (Python, Node.js, Shell) and relies entirely on markdown-based instructions for the agent and user.
Audit Metadata