sales-field-sales
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches skill configuration and metadata from the vendor's official GitHub repository to provide grounded recommendations about related sales platforms.
- [PROMPT_INJECTION]: Identified an indirect prompt injection surface where the agent is instructed to fetch and process external skill manifests based on a variable skill name.
- Ingestion points: The
{skill-name}parameter is used to construct file paths and URLs withinSKILL.md. - Boundary markers: Fetched content from the external manifests is integrated into the agent's context without explicit delimiters.
- Capability inventory: The skill utilizes
Readfor local manifest access andWebFetchfor remote repository access. - Sanitization: The instructions do not define explicit validation or escaping for the
{skill-name}variable.
Audit Metadata