sales-youscan

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a self-improvement loop in SKILL.md and references/learnings.md where the agent reads from and appends to a local file. This creates an indirect prompt injection surface as malicious or deceptive content could be persisted in the learnings file and influence future agent behavior. Ingestion points: references/learnings.md. Boundary markers: None. Capability inventory: File-write (append). Sanitization: None.
  • [COMMAND_EXECUTION]: The skill documentation mentions the command 'npx skills add sales-skills/sales' for installing related tools. This resource is provided by the vendor 'sales-skills' and corresponds to the skill's author.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 12:21 AM
Security Audit — agent-trust-hub — sales-youscan