sales-media-relations
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious instructions, obfuscated code, or direct prompt injections were identified in the skill files. The skill's logic is consistent with providing media relations guidance.\n- [EXTERNAL_DOWNLOADS]: The skill references established third-party PR platforms (e.g., Meltwater, Cision, Muck Rack) for informational comparison. These references target well-known services and do not involve downloading or executing untrusted code.\n- [COMMAND_EXECUTION]: Instructions are provided for the manual installation of related skills using the vendor's CLI tool. These commands are standard for the ecosystem and do not represent a security risk.\n- [PROMPT_INJECTION]: The skill utilizes a local file (
references/learnings.md) to maintain context and improve responses over time. This creates a surface for indirect prompt injection where data from previous sessions could influence future behavior.\n - Ingestion points:
references/learnings.md(read during the context gathering step).\n - Boundary markers: Absent (the file content is read directly into context).\n
- Capability inventory: The skill can append to its own reference files but lacks dangerous capabilities such as network exfiltration or arbitrary shell execution in the provided files.\n
- Sanitization: Absent (the content is appended and read without specific filtering).
Audit Metadata