skills/sales-skills/sales/sales-dicte/Gen Agent Trust Hub

sales-dicte

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill consists entirely of Markdown instructions and reference guides. No Python scripts, Node.js code, or binary executables are included in the package.
  • [SAFE]: No security threats such as credential harvesting, data exfiltration, or unauthorized command execution were identified. The skill's behavior aligns with its stated purpose of providing platform support.
  • [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists due to the knowledge persistence mechanism using references/learnings.md. 1. Ingestion points: references/learnings.md (Read at start, updated with user-discovered tips). 2. Boundary markers: Absent; the agent is instructed to read the file content directly into its context. 3. Capability inventory: None; the skill provides information and does not have access to tools for shell execution, network requests, or sensitive file system access. 4. Sanitization: Absent; there is no logic to validate or sanitize content before it is appended to the learnings file.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 12:20 AM
Security Audit — agent-trust-hub — sales-dicte