classify-leads

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection where malicious content in processed data could influence the agent's behavior.
  • Ingestion points: Lead data is ingested from Google Sheets via scripts/read_sheet.py and subsequently read from JSON files in scripts/classify_leads_llm.py.
  • Boundary markers: No boundary markers or 'ignore' instructions are present in the CLASSIFICATION_PROMPTS templates or the create_classification_request function to prevent the model from obeying instructions found within the data fields.
  • Capability inventory: The skill interacts with the Anthropic API and Google Sheets API, but does not use dangerous functions like eval() or os.system() with the processed data.
  • Sanitization: There is no evidence of sanitization or escaping for lead names, descriptions, or keywords before they are formatted into the LLM prompt strings.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with Google Sheets and Google Drive APIs to read and update lead information.
  • Details: The scripts scripts/read_sheet.py and scripts/update_sheet.py use the gspread library to communicate with Google's well-known services. These operations are essential for the skill's primary purpose and use official authentication mechanisms.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 6, 2026, 02:18 PM