sales-replierai
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill mentions an installation command using npx for other skills. The package sales-skills/sales is a vendor-owned resource provided as a standard way for users to extend functionality.\n- [REMOTE_CODE_EXECUTION]: The npx command documented in the skill allows for the download and execution of code. This is a standard developer pattern and is identified here because it involves executing code from a remote source.\n- [PROMPT_INJECTION]: The skill implements a persistent learning feature that reads and writes to the references/learnings.md file, creating a surface for indirect prompt injection.\n
- Ingestion points: User-provided tips and feedback collected at the end of the workflow (Step 4).\n
- Boundary markers: None used when reading the accumulated knowledge from references/learnings.md at the start of the workflow.\n
- Capability inventory: File read/write access to references/learnings.md and references/platform-guide.md.\n
- Sanitization: No explicit sanitization or content validation is performed on the user input before it is recorded.
Audit Metadata