sales-influencity
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements a persistent state mechanism by reading from and writing to
references/learnings.md, creating a vulnerability surface for indirect prompt injection where data from past interactions could influence future agent behavior. - Ingestion points: The agent is instructed to read the contents of
references/learnings.mdat the beginning of the workflow. - Boundary markers: No markers or instructions are provided to distinguish between stored data and system instructions within the ingested file.
- Capability inventory: The skill can append new data to the file system and route the user to other skills.
- Sanitization: User-provided information is persisted to the learnings file without any visible sanitization or validation process.
- [COMMAND_EXECUTION]: The documentation includes an
npxcommand (npx skills add sales-skills/sales --skills sales-do) for installing additional tools, which downloads and executes code from a vendor-associated package on the npm registry.
Audit Metadata