sales-request-skill

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: Uses shell commands including find, cat, and the GitHub CLI (gh) to manage local files and interact with remote repositories. It also executes a Python snippet via subprocess.run to launch a web browser with pre-filled submission data.
  • [DATA_EXFILTRATION]: Aggregates data from local learnings.md files across installed skills to share them with the sales-skills/sales repository. This behavior is the primary function of the skill and includes documented steps for manual PII scrubbing and user confirmation before transmission to the vendor's own repository.
  • [DYNAMIC_EXECUTION]: Employs Python's subprocess module to programmatically open a specific browser profile for PR/Issue review, representing a form of runtime command execution.
  • [INDIRECT_PROMPT_INJECTION]:
      • Ingestion points: Reads content from ~/.claude/skills/*/references/learnings.md files which are technically external sources.
      • Boundary markers: None implemented at the file read stage; the skill relies on subsequent manual review steps.
      • Capability inventory: Can execute GitHub CLI commands (gh pr create, gh issue create) and system commands via Python.
      • Sanitization: Includes a dedicated 'Step C3' for scrubbing personally identifiable information (PII) before any data is sent externally.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 06:11 PM