sales-meeting-scheduler
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches SKILL.md configuration files from the author's GitHub repository (https://raw.githubusercontent.com/sales-skills/sales/main/skills/{skill-name}/SKILL.md) to dynamically guide its recommendations and skill selection logic.
- [PROMPT_INJECTION]: Exhibits an indirect prompt injection surface by reading instructions from external sources (both remote URLs and other local skill directories like ~/.claude/skills/) and incorporating them directly into the agent's decision-making process without boundary markers.
- Ingestion points: Remote GitHub fetching and local filesystem reads of skill manifests and source lists.
- Boundary markers: Absent; the skill lacks delimiters or instructions to ignore malicious directives within the fetched content.
- Capability inventory: Uses fetched content to ground recommendations, select tools, and align the phrasing of future prompt invocations.
- Sanitization: Absent; the agent is instructed to ground its behavior in the fetched text as authoritative instructions.
Audit Metadata