apollo-rate-limits
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute curl commands. These commands are directed at the official Apollo.io API (api.apollo.io) to retrieve rate limit status from response headers.
- [EXTERNAL_DOWNLOADS]: The documentation references the p-queue library for managing request concurrency and provides links to official documentation from Apollo.io and Google Cloud. These are categorized as well-known and reputable services.
- [PROMPT_INJECTION]: The skill handles user-provided data such as organization domains and search queries for API interactions, which creates a surface for indirect prompt injection where external data could potentially influence agent behavior.
  - Ingestion points: User-provided search strings and domain lists used in API request templates in SKILL.md.
  - Boundary markers: No specific delimiters or safety instructions are included in the code templates.
  - Capability inventory: The skill utilizes the Bash(curl) tool for external communication.
  - Sanitization: The provided examples do not demonstrate input validation or sanitization routines.
Audit Metadata