airtable-automation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown documentation, YAML templates for database structures, and MCP tool definitions. No executable scripts, binaries, or installation commands are provided.
- [PROMPT_INJECTION]: The skill defines integration patterns that ingest untrusted data from external sources (such as Typeform submissions or Clearbit data) and interpolate it into downstream actions, creating an indirect prompt injection surface.
- Ingestion points: Data is received from external triggers like 'typeform_submission' and enrichment services like 'clearbit' specified in the integration workflows.
- Boundary markers: Absent; the templates use direct string interpolation (e.g., '{form.name}', '{email}') for external data without using delimiters or instructions for the agent to ignore embedded commands.
- Capability inventory: The skill utilizes MCP tools ('airtable_create_record', 'airtable_update_record', 'airtable_query') and describes capabilities for sending Slack messages and emails.
- Sanitization: No sanitization, escaping, or validation logic for external data is defined in the provided workflow templates.
Audit Metadata