apollo-cost-tuning
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where external data from Apollo.io is processed by the agent.
  - Ingestion points: Untrusted data enters the context through the apollo.searchPeople and apollo.enrichPerson methods referenced in references/implementation-guide.md.
  - Boundary markers: The instructions do not define clear boundaries or provide guidance to the agent to disregard instructions potentially embedded in the fetched API data.
  - Capability inventory: The skill is granted significant capabilities in SKILL.md, including file system access (Write, Edit) and network operations (Bash(curl:*)), which increases the risk if malicious data were to influence agent behavior.
  - Sanitization: The implementation guide lacks logic for sanitizing or validating external fields (such as titles or organization data) before they are used in scoring or processing.
Audit Metadata