disqualification-handling
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes inbound lead data from upstream sources and interpolates external fields such as names and company details directly into email templates. This creates a standard surface for indirect prompt injection if the source data contains adversarial instructions.
  - Ingestion points: Lead data received from the `inbound-lead-qualification` skill, specifically the `disqualified-leads-with-reasoning` payload.
  - Boundary markers: Absent. The email templates interpolate variables directly into the draft body without using delimiters or system-level instructions to ignore potential commands embedded in lead data.
  - Capability inventory: The skill possesses the `email-drafting` capability and is configured to interact with CRM tools (HubSpot, Smartlead) and perform file system writes for logging and configuration.
  - Sanitization: No explicit sanitization or validation of the lead-provided fields is documented before they are used in the prompt generation process.
Audit Metadata