lead-research-assistant
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill instructs the agent to ingest and process data from external websites and job postings, which creates a surface for indirect prompt injection. Ingestion points: Web search results, company websites, job postings, and news articles. Boundary markers: Absent; the instructions do not include delimiters or warnings to ignore instructions found in external content. Capability inventory: File system access (analyzing local codebase) and network access (searching for leads). Sanitization: Absent; external content is processed directly to generate outreach strategies.
- No Code (SAFE): The skill consists entirely of markdown instructions and metadata with no scripts, binaries, or configuration files for automated execution.
Audit Metadata