skills/sales-skills/sales/sales-do/Gen Agent Trust Hub

sales-do

Pass

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes ls ~/.claude/skills/ to determine which specialized skills are currently installed, allowing it to provide accurate installation advice.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to fetch skill definitions and metadata from the vendor's GitHub repository and other specified third-party sources to ensure routing prompts are accurate and up-to-date.
  • [PROMPT_INJECTION]: The skill processes external metadata from various sales tool repositories to construct ready-to-use prompts. This constitutes an indirect prompt injection surface.
  • Ingestion points: External SKILL.md files are retrieved via WebFetch from GitHub in SKILL.md (Step 2.5).
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the routing prompt generation logic.
  • Capability inventory: The skill can list local files (ls) and write new instruction files (do-*.md) to the filesystem as part of its routing functionality.
  • Sanitization: There is no evidence of sanitization or filtering of the content retrieved from external repositories before it is incorporated into prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
May 28, 2026, 04:33 PM
Security Audit — agent-trust-hub — sales-do