sales-replierai

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill mentions an installation command using npx for other skills. The package sales-skills/sales is a vendor-owned resource provided as a standard way for users to extend functionality.\n- [REMOTE_CODE_EXECUTION]: The npx command documented in the skill allows for the download and execution of code. This is a standard developer pattern and is identified here because it involves executing code from a remote source.\n- [PROMPT_INJECTION]: The skill implements a persistent learning feature that reads and writes to the references/learnings.md file, creating a surface for indirect prompt injection.\n
  • Ingestion points: User-provided tips and feedback collected at the end of the workflow (Step 4).\n
  • Boundary markers: None used when reading the accumulated knowledge from references/learnings.md at the start of the workflow.\n
  • Capability inventory: File read/write access to references/learnings.md and references/platform-guide.md.\n
  • Sanitization: No explicit sanitization or content validation is performed on the user input before it is recorded.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 12:21 AM
Security Audit — agent-trust-hub — sales-replierai