sales-customer-feedback

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill focuses on business strategy for Voice of Customer (VoC) programs. No obfuscation, data exfiltration, or credential exposure was detected in the provided files.
  • [COMMAND_EXECUTION]: The skill references several installation commands using npx skills add. These are platform-native commands intended for discovery and installation of related skills within the same vendor ecosystem (sales-skills/sales).
  • [PROMPT_INJECTION]: The skill maintains a persistent state through references/learnings.md, which is used to store and retrieve insights. This architecture creates a surface for indirect prompt injection where historical user input or agent-generated observations could influence future behavior.
  • Ingestion points: Reads from references/learnings.md at the start of Step 1.
  • Boundary markers: Content is integrated into the session context without explicit delimiters or warnings to ignore embedded instructions.
  • Capability inventory: The skill primarily performs informational routing and response generation; it does not demonstrate capabilities for arbitrary code execution or unauthorized network access.
  • Sanitization: The skill lacks explicit sanitization or validation logic for the data written to the learnings file.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 06:34 PM
Security Audit — agent-trust-hub — sales-customer-feedback