The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. External data from webhooks and CRM databases is interpolated directly into prompts for lead scoring and deduplication without sanitization or protective delimiters. • Ingestion points: Lead data from forms and contact information from HubSpot/Salesforce (SKILL.md). • Boundary markers: Not present in the AI scoring or deduplication prompts. • Capability inventory: The skill can write data to HubSpot, Salesforce, Pipedrive, Slack, and Google Sheets. • Sanitization: No evidence of input validation or instruction filtering before data is passed to the LLM.

crm-automation