skills/sales-skills/sales/sales-maxiq/Gen Agent Trust Hub

sales-maxiq

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a 'self-improving' loop by reading from and appending to references/learnings.md. This functionality creates a surface for indirect prompt injection where instructions or malicious patterns provided by a user in one session could be persisted and influence the agent's behavior in future sessions.
  • Ingestion points: The agent reads references/learnings.md at the start of every interaction and appends new discoveries to it at the conclusion of the session.
  • Boundary markers: The skill does not define specific delimiters or instructions to treat the learned content as untrusted data or to ignore embedded commands.
  • Capability inventory: The agent is authorized to read local skill files, route to other installed skills, and append content to the local learning file.
  • Sanitization: There is no mechanism described for validating, escaping, or sanitizing the content before it is saved to the persistent storage.
  • [COMMAND_EXECUTION]: The documentation includes a command for installing a related skill: npx skills add sales-skills/sales --skill sales-do. This command references a package within the same author's ('sales-skills') namespace and represents a standard installation procedure for this environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 05:42 PM
Security Audit — agent-trust-hub — sales-maxiq