gtm-sales-pack
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands to inspect existing files (
cat sales-pack.md) and runs an included Python script (extract-voice-from-gmail.py) to analyze email data. - [EXTERNAL_DOWNLOADS]: The skill relies on standard Google API client libraries to facilitate secure authentication and data retrieval from Gmail.
- [PROMPT_INJECTION]: The skill processes untrusted external content from Gmail messages, creating a localized surface for indirect prompt injection.
- Ingestion points: Data enters the agent's context through the retrieval of sent email bodies and the reading of existing markdown sales packs.
- Boundary markers: The instructions do not define specific delimiters or "ignore instructions" headers to wrap the ingested email content.
- Capability inventory: The skill possesses the capability to execute shell commands, perform authenticated network requests to Google services, and write to the project's file system.
- Sanitization: The analysis script implements recipient redaction for privacy but does not filter email bodies for malicious instructions or prompt-altering text.
Audit Metadata