sales-vwo
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill utilizes a persistent file,
references/learnings.md, to store 'accumulated platform knowledge' which the agent reads at the start of every session. This creates a surface for Indirect Prompt Injection (Category 8). - Ingestion points: The file
references/learnings.mdis read during Step 1 to gather context. - Boundary markers: None are present; content is treated as authoritative knowledge.
- Capability inventory: The agent follows instructions retrieved from the learning file to provide answers and guide users.
- Sanitization: The skill lacks sanitization, instructing the agent to append new findings directly to the file.
- [EXTERNAL_DOWNLOADS]: The skill recommends several official SDKs and tools (e.g.,
vwo-fme-node-sdk,vwo-fme-python-sdk) hosted on the Wingify GitHub organization and public registries. These are official resources provided by the platform vendor. - [COMMAND_EXECUTION]: Documentation within the skill includes commands for users to install SDKs and related skills from the same author (
sales-skills). These are provided as legitimate setup instructions for the user.
Audit Metadata