icp-identification
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute local shell commands using `python3` to run the `tam_builder.py` script. The configuration for this script is dynamically generated based on user input and web research results.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection.
  - Ingestion points: The agent ingests user-provided company URLs, product descriptions, and the results of web research tools in Phase 0 and Phase 1.
  - Boundary markers: There are no explicit instructions or delimiters used to prevent instructions embedded within the researched web content from overriding the agent's logic.
  - Capability inventory: The agent has the capability to execute shell commands and send data to multiple external lead-generation and database APIs.
  - Sanitization: The skill lacks instructions to sanitize or validate the external content before it is used to populate search filters or parameters for the downstream `tam_builder.py` execution.
Audit Metadata