epiphan-ai-mcp-guide
Pass
Audited by Gen Agent Trust Hub on Jul 4, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill acts as a documentation resource for a suite of sales and marketing tools, providing clear instructions on their intended use and limitations without containing malicious code.
- [PROMPT_INJECTION]: The skill describes tools that ingest untrusted data from external sources, such as Clari call transcripts and HubSpot notes. This presents a potential surface for indirect prompt injection, though the skill notes that the underlying platform performs sanitization, such as stripping script tags from HubSpot notes.
- [DATA_EXFILTRATION]: The enrich_contact tool is designed to send contact information to the Clay API for data enrichment. This is a core functionality of the skill's sales enablement purpose.
- [COMMAND_EXECUTION]: The documentation includes tools for executing SQL queries (ask_agent, export_query_csv). These are described as being restricted to read-only operations by the platform infrastructure.
Audit Metadata