sales-hedy
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill maintains a feedback loop through the
references/learnings.mdfile, where the agent is instructed to read existing knowledge and append new findings. This represents an indirect prompt injection surface where untrusted data could be recorded and later used to influence agent behavior. - Ingestion points:
references/learnings.md - Boundary markers: No explicit delimiters are defined to separate the learnings from the agent instructions.
- Capability inventory: The agent has permissions to read and write to local markdown files in the references directory.
- Sanitization: No sanitization of the input appended to the file is performed.
- [COMMAND_EXECUTION]: The skill documentation includes a command for adding a related routing skill:
npx skills add sales-skills/sales --skill sales-do. - [EXTERNAL_DOWNLOADS]: The skill references external resources including the Hedy REST API at
api.hedy.botand then8n-nodes-hedyNode.js package. - [REMOTE_CODE_EXECUTION]: The provided
npxcommand downloads and executes a package from thesales-skillsnamespace, which is the same author as this skill.
Audit Metadata