sales-verint

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a self-referential knowledge loop where it reads from references/learnings.md at the start of a session and appends new information to the same file at the end. This allows untrusted user input to be persisted and subsequently interpreted as instructions in future sessions.
  • Ingestion points: The agent reads from references/learnings.md during initialization and processes user-supplied prompts to extract "gotchas" or "tips" for storage.
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are used when reading or writing to the learnings file.
  • Capability inventory: The skill is instructed to perform file-write operations (appending to references/learnings.md) and contains instructions to route requests to other skills using command-style syntax.
  • Sanitization: The skill lacks mechanisms to sanitize or validate the content extracted from user interactions before it is persisted to the file system.
  • [EXTERNAL_DOWNLOADS]: The documentation provides an installation command using npx to fetch and install related skills from the author's official repository. This is a standard procedure for expanding the agent's capabilities with verified vendor resources.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 06:35 PM
Security Audit — agent-trust-hub — sales-verint