apollo-cost-tuning

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes data from the external Apollo.io API, which is an indirect prompt injection surface. Retrieved data, such as lead names or company info, could contain malicious instructions.
      • Ingestion points: Data ingestion occurs through apollo.searchPeople and apollo.enrichPerson methods described in the logic.
      • Boundary markers: No explicit delimiters or instructions are provided to the agent to distinguish between its instructions and retrieved data.
      • Capability inventory: The skill allows powerful tools including Read, Write, Edit, and Bash, which could be exploited if an injection occurs.
      • Sanitization: There is no evidence of sanitization or validation of the API response data before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 12:00 AM