Lead Scorer
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process external lead data (lists, descriptions, notes), which represents a potential injection surface if the input data contains adversarial instructions.
- Ingestion points: SKILL.md (Batch Scoring section) instructs the agent to accept and process lists of leads.
- Boundary markers: None identified; the prompt does not specify delimiters or 'ignore' instructions for untrusted data.
- Capability inventory: Display and internal reasoning only. The skill has no file-system, network, or subprocess execution capabilities.
- Sanitization: None identified.
- [No Code] (INFO): The skill contains no executable scripts (Python, JavaScript, shell) or configuration files that define external dependencies, significantly reducing the technical attack surface.
Audit Metadata