apollo-core-workflow-a
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
- [PROMPT_INJECTION]: The skill ingests data from the Apollo.io API, creating an indirect prompt injection surface where malicious instructions embedded in prospect data could influence agent behavior.
- Ingestion points: Apollo API responses processed in
people-search.ts,company-enrichment.ts, andcontact-enrichment.ts. - Boundary markers: None identified in the prompt templates or instructions.
- Capability inventory: File system access (
Read,Write,Edit), shell execution (Bash), and text search (Grep). - Sanitization: No explicit validation or sanitization of external API data is demonstrated in the transformation logic.
- [EXTERNAL_DOWNLOADS]: The skill references official documentation and endpoints for Apollo.io (apolloio.github.io), which is a well-known service for B2B intelligence.
- [CREDENTIALS_UNSAFE]: The instructions correctly identify the requirement for Apollo API credentials as an environment prerequisite and do not include hardcoded secrets or unsafe storage practices.
Audit Metadata