inbound-lead-enrichment
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted lead data which presents a surface for indirect prompt injection.
- Ingestion points: Ingests raw-lead-data (emails, names, and company info) from inbound leads as described in SKILL.md.
- Boundary markers: The instructions do not define delimiters or instructions for the agent to ignore potentially malicious commands within lead data fields.
- Capability inventory: The skill utilizes web-search, linkedin-scraping, and CRM tool access (Supabase, Salesforce, HubSpot).
- Sanitization: Lead data is not sanitized or validated before being used in search queries or updated in the CRM.
- [NO_CODE]: The skill is implemented entirely through instructions and configuration metadata without external scripts.
Audit Metadata