lead-routing

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The scoring_prompt in SKILL.md uses direct interpolation for the {lead_data} variable. This allows an external actor, such as a lead submitting a form, to potentially influence the AI's scoring and routing behavior through malicious content in CRM fields.
  • Ingestion points: The {lead_data} placeholder within the ai_scoring section of SKILL.md is the entry point for untrusted lead data.
  • Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present to separate the system instructions from the processed lead data.
  • Capability inventory: The skill possesses significant write capabilities via the hubspot_assign_owner and salesforce_route tools, along with Slack notification and workflow management.
  • Sanitization: There is no evidence of data sanitization or validation routines to filter out malicious instructional language from the lead data before it is interpolated into the prompt.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 08:21 AM