sales-cleftnotes
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill's primary function is to provide informational guidance and support for the Cleft Notes application.
- [COMMAND_EXECUTION]: The skill provides informational text containing commands for installing related skills (e.g., npx skills add sales-skills/sales). These are intended as reference instructions for the user to expand their local toolkit and are not executed automatically by the agent.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its mechanism for reading and updating a local knowledge base.
- Ingestion points: User-provided tips and workarounds are appended to and subsequently read from references/learnings.md (SKILL.md).
- Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the content of the learnings file as untrusted data.
- Capability inventory: The skill lacks high-privilege capabilities such as arbitrary network access, execution of unverified remote code, or access to sensitive system files, which significantly mitigates the risk of exploitation.
- Sanitization: No validation or escaping is performed on the content before it is appended to the learnings file.
Audit Metadata