lead-research-assistant

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill identifies leads by researching untrusted external sources.
      * Ingestion points: Web searches for company signals, news, and job boards.
      * Boundary markers: Instructions do not include delimiters or specific 'ignore' warnings for external content.
      * Capability inventory: The skill produces informational reports only; no subprocess execution, network exfiltration, or file-write capabilities are present in the skill definition.
      * Sanitization: No validation or escaping of ingested web data is specified.
  • [Data Exposure] (SAFE): The skill instructions direct the agent to analyze the user's codebase for product context.
      * Evidence: Step 1 of the instructions.
      * Context: This is a standard feature for the skill's purpose and does not constitute a security risk provided the user maintains proper secret management practices.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 03:51 PM