ads-lead-capture
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill mentions external services like Meta Ads, Google Ads, TikTok Ads, and Attio CRM, which are well-known and trusted platforms. These references are part of the intended functionality for lead management.
- [COMMAND_EXECUTION]: The skill includes JavaScript snippets for n8n 'Code Nodes' to parse URL parameters. This logic is localized to string manipulation (URL parsing) and does not execute arbitrary shell commands or access sensitive system resources.
- [CREDENTIALS_UNSAFE]: The documentation refers to authentication methods such as OAuth2 and Header Auth for webhooks, but does not contain any hardcoded API keys, tokens, or secrets. It correctly instructs the user to use n8n's credential management system.
- [DATA_EXFILTRATION]: Network operations described (webhooks and API calls) are directed to the official endpoints of the integrated platforms (Meta, Google, TikTok, Attio) for the purpose of syncing lead data, which matches the skill's stated purpose.
Audit Metadata