sales-momentum
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill implements a persistent knowledge storage system by reading from and appending to
references/learnings.md. This creates an indirect prompt injection surface where untrusted data or instructions from previous interactions could be stored and subsequently influence the agent's behavior in future sessions. - Ingestion points: The agent reads
references/learnings.mdduring the context-gathering phase (Step 1) and processes user input. - Boundary markers: No delimiters or safety instructions are present to distinguish historical learned data from current system instructions.
- Capability inventory: The skill instructions authorize the agent to read from and write (append) to the local filesystem.
- Sanitization: No evidence of input validation, filtering, or sanitization is provided for the content being added to the knowledge file.
- [COMMAND_EXECUTION]: The documentation provides an example command for installing additional platform components (
npx skills add sales-skills/sales --skill sales-do). This involves executing a CLI utility to manage extensions within the platform's ecosystem. - [EXTERNAL_DOWNLOADS]: The suggested
npxinstallation command involves downloading and executing packages from an external registry. This is documented as a standard procedure for users to acquire related tools from the vendor.
Audit Metadata