sales-verint
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements a self-referential knowledge loop where it reads from
references/learnings.mdat the start of a session and appends new information to the same file at the end. This allows untrusted user input to be persisted and subsequently interpreted as instructions in future sessions. - Ingestion points: The agent reads from
references/learnings.mdduring initialization and processes user-supplied prompts to extract "gotchas" or "tips" for storage. - Boundary markers: No specific delimiters or instructions to ignore embedded commands are used when reading or writing to the learnings file.
- Capability inventory: The skill is instructed to perform file-write operations (appending to
references/learnings.md) and contains instructions to route requests to other skills using command-style syntax. - Sanitization: The skill lacks mechanisms to sanitize or validate the content extracted from user interactions before it is persisted to the file system.
- [EXTERNAL_DOWNLOADS]: The documentation provides an installation command using
npxto fetch and install related skills from the author's official repository. This is a standard procedure for expanding the agent's capabilities with verified vendor resources.
Audit Metadata