lead-research-assistant
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill instructs the agent to analyze the user's codebase to understand the product. This creates a surface where malicious instructions embedded in the code (e.g., in comments) could influence the agent's behavior.
- Ingestion points: Local codebase files (referenced in 'Instructions' step 1 and 'How to Use').
- Boundary markers: Absent. There are no instructions to ignore or delimit embedded commands within the analyzed files.
- Capability inventory: File system read (codebase), network search (lead research), and file system write (CSV export mentioned in 'Offer Next Steps').
- Sanitization: Absent. The skill does not define validation or filtering for data extracted from the codebase.
Audit Metadata