influence-and-negotiation
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill involves the ingestion and processing of untrusted data from external sources, including emails, LinkedIn profiles, and web search results. While this provides a surface for indirect prompt injection, it is essential for the skill's primary function as a negotiation coach.
- Ingestion points: External data enters through
WebSearch,WebFetch, and various MCP connectors (e.g., Gmail, Slack, CRM) as described inreferences/context-intake.md. - Boundary markers: The skill does not implement specific boundary markers or delimiters for untrusted content.
- Capability inventory: The agent is authorized to use
Write,Edit, andBash(git:*)tools. - Sanitization: The instructions do not mandate sanitization or escaping of external content before processing.
- [SAFE]: The
Bashtool is explicitly restricted togitcommands, mitigating the risk of arbitrary command execution or system-level exploitation. - [SAFE]: The skill's networking operations via
WebSearchandWebFetchare limited to the stated purpose of stakeholder research and competitive intelligence. No evidence of data exfiltration to unauthorized third-party domains was found.
Audit Metadata