sales-salesroom

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill utilizes a persistent file (references/learnings.md) to store and retrieve knowledge across sessions, creating a surface for indirect prompt injection (Category 8).
  • Ingestion points: Data is loaded from references/learnings.md at the start of the interaction (SKILL.md, Step 1).
  • Boundary markers: The instructions do not define clear boundaries or provide warnings to the agent to ignore potentially malicious instructions within the loaded file.
  • Capability inventory: The skill provides instructions for appending data to the local file system (references/learnings.md) and suggests the installation of additional skills via shell commands.
  • Sanitization: No validation or sanitization is performed on the data retrieved from or stored in the learnings file.
  • [COMMAND_EXECUTION]: The skill includes an example command to install a related utility using npx skills add sales-skills/sales. This command interacts with the npm registry to download and execute code. Since this resource is associated with the skill's author (sales-skills), it is documented as an intended feature.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 05:42 PM
Security Audit — agent-trust-hub — sales-salesroom