sales-trellus
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes an indirect prompt injection surface where user-provided input is interpolated directly into commands for other skills, such as /sales-coaching {user's question}. This lack of sanitization could allow malicious input to influence the behavior of downstream agent actions.
- Ingestion points: User-provided description in the Step 2 routing table in SKILL.md.
- Boundary markers: No delimiters or protective markers are used for the interpolated content.
- Capability inventory: Execution of other agent skills using the slash-command syntax.
- Sanitization: No sanitization of user input is implemented.
- [COMMAND_EXECUTION]: The skill documentation includes a command to install a related tool: npx skills add sales-skills/sales --skill sales-do. This is a standard method for adding vendor-verified extensions to the platform's capabilities.
Audit Metadata