sales-tomba
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a platform guide and reference for the Tomba.io API and services. It does not exhibit any malicious behaviors such as prompt injection, data exfiltration, or persistence mechanisms.
- [EXTERNAL_DOWNLOADS]: The documentation references official Tomba SDKs (e.g., 'tomba' for Node.js and Python) and provides an installation command for a related skill ('sales-skills/sales') from the same author. These are legitimate resources for the skill's intended purpose.
- [COMMAND_EXECUTION]: The documentation includes standard API examples using 'curl'. These are provided for instructional purposes and are not executed automatically by the agent.
- [CREDENTIALS_UNSAFE]: The API reference uses placeholder strings like 'ta_xxxx' and 'ts_xxxx' for authentication headers. These are safe markers and do not expose real secrets.
Audit Metadata