apollo-core-workflow-a
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill is designed to retrieve and process contact data including names, emails, and phone numbers. This exposure is consistent with the primary purpose of a lead generation tool and is not indicative of malicious exfiltration.
- [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests data from external sources (the Apollo API) and passes it into the agent's context.
- Ingestion points: External data is ingested in
src/services/apollo/people-search.ts,src/services/apollo/company-enrichment.ts, andsrc/services/apollo/contact-enrichment.ts. - Boundary markers: None identified in the provided code snippets to delimit API content from agent instructions.
- Capability inventory: The skill has access to
Write(file system) andBash(command execution) via allowed tools. - Sanitization: No specific sanitization or filtering of API response strings (e.g., company descriptions or person titles) is implemented before data transformation.
Audit Metadata