sales-salesroom
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes a persistent file (
references/learnings.md) to store and retrieve knowledge across sessions, creating a surface for indirect prompt injection (Category 8). - Ingestion points: Data is loaded from
references/learnings.mdat the start of the interaction (SKILL.md, Step 1). - Boundary markers: The instructions do not define clear boundaries or provide warnings to the agent to ignore potentially malicious instructions within the loaded file.
- Capability inventory: The skill provides instructions for appending data to the local file system (
references/learnings.md) and suggests the installation of additional skills via shell commands. - Sanitization: No validation or sanitization is performed on the data retrieved from or stored in the learnings file.
- [COMMAND_EXECUTION]: The skill includes an example command to install a related utility using
npx skills add sales-skills/sales. This command interacts with the npm registry to download and execute code. Since this resource is associated with the skill's author (sales-skills), it is documented as an intended feature.
Audit Metadata