sales-huzzler
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements a self-improvement mechanism that stores and retrieves data from a local file, creating a surface for indirect prompt injection.
- Ingestion points: The skill is instructed to read
references/learnings.mdat the start of each session in Step 1. - Boundary markers: No explicit delimiters or instructions are used to separate historical learnings from system instructions.
- Capability inventory: The skill has the ability to append new data to
references/learnings.mdand can trigger other skills via routing commands. - Sanitization: There is no evidence of sanitization or validation of the data being written to or read from the learnings file.
Audit Metadata