sales-field-sales

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches skill configuration and metadata from the vendor's official GitHub repository to provide grounded recommendations about related sales platforms.
  • [PROMPT_INJECTION]: Identified an indirect prompt injection surface where the agent is instructed to fetch and process external skill manifests based on a variable skill name.
  • Ingestion points: The {skill-name} parameter is used to construct file paths and URLs within SKILL.md.
  • Boundary markers: Fetched content from the external manifests is integrated into the agent's context without explicit delimiters.
  • Capability inventory: The skill utilizes Read for local manifest access and WebFetch for remote repository access.
  • Sanitization: The instructions do not define explicit validation or escaping for the {skill-name} variable.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 05:42 PM
Security Audit — agent-trust-hub — sales-field-sales