sales-kit
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for the user to manually execute an
npxcommand to install additional tools. This is a recommendation for user-level installation and not an automated agent execution. - [EXTERNAL_DOWNLOADS]: The recommended
npxcommand targets a package (sales-skills/sales) that aligns with the developer's identity. This resource is considered part of the vendor's ecosystem. - [PROMPT_INJECTION]: The skill uses a local file (
references/learnings.md) to persist and retrieve information across interactions, which constitutes a surface for indirect prompt injection. - Ingestion points: The agent is instructed to read
references/learnings.mdat the beginning of its process. - Boundary markers: There are no defined delimiters or instructions to ignore potential commands within the stored data.
- Capability inventory: The skill is capable of appending new content to the
references/learnings.mdfile. - Sanitization: No explicit sanitization or validation of the content being written to the learnings file is described.
Audit Metadata