close-plan-generator

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [SAFE]: The skill provides a legitimate business workflow for sales planning. It uses authorized agent tools to interact with well-known services (HubSpot, Clari, Apollo) for data retrieval and Gmail for draft generation. No malicious commands, data exfiltration to untrusted domains, or obfuscated payloads were detected.
  • [NO_CODE]: The skill contains no executable scripts or binaries, consisting entirely of instructional content and configuration for the agent.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes unstructured text from external CRM and call intelligence records. 1. Ingestion points: HubSpot deal notes and Clari call summaries are fetched in Stage 1 of the SKILL.md workflow. 2. Boundary markers: No specific delimiters are defined in the instructions to isolate external text from system prompts. 3. Capability inventory: The agent can read CRM data and create Gmail drafts. 4. Sanitization: No explicit sanitization or filtering of fetched text is performed. This surface is considered a low-risk architectural characteristic given the skill's intended purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 04:24 PM
Security Audit — agent-trust-hub — close-plan-generator