sdr-call-coaching
Pass
Audited by Gen Agent Trust Hub on Jul 4, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted conversational data from call transcripts during the scoring process.
- Ingestion points: Call recordings and transcripts are pulled from Nooks and Clari as defined in the source inventory.
- Boundary markers: The instructions do not define specific delimiters or instructions for the agent to ignore potentially malicious commands embedded within the processed transcripts.
- Capability inventory: The skill has the ability to send Slack messages and create Gmail drafts, which could be misused if an injection is successful.
- Sanitization: No content filtering or sanitization of external transcript text is specified.
- [COMMAND_EXECUTION]: The skill references using the
bash datecommand to calculate the weekly report window. This is a standard and safe implementation for time-based logic. - [EXTERNAL_DOWNLOADS]: The skill retrieves data from Nooks and Clari MCP servers. These are described as recognized internal integrations necessary for the skill's stated business objectives.
Audit Metadata