sales-workato

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill implements a persistent knowledge mechanism by reading from and writing to references/learnings.md. This creates a surface where information gathered during an interaction can influence future sessions.
  • Ingestion points: The file references/learnings.md is read at the start of each invocation; new insights are gathered during the conversation (Step 4).
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat data in learnings.md as untrusted content.
  • Capability inventory: The skill uses file-read and file-append operations on references/learnings.md and references/platform-guide.md.
  • Sanitization: There is no explicit sanitization or validation logic described for the content being appended to the learnings file.
  • [EXTERNAL_DOWNLOADS]: The skill refers to the official Workato GitHub repository (https://github.com/workato) for source code and reference materials. This is a well-known service associated with the primary vendor.
  • [COMMAND_EXECUTION]: The documentation mentions an installation command (npx skills add sales-skills/sales --skill sales-do) for related tools. This is a standard installation procedure for vendor-provided skills and is intended for user execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 06:35 PM
Security Audit — agent-trust-hub — sales-workato