lead-scoring
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing data from external, potentially untrusted sources.
- Ingestion points: The skill ingests data from web search results (via search MCP), CRM records, and email platform data (via MCP) as specified in SKILL.md for the Timing and Engagement dimensions.
- Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands or instructions within the retrieved external data.
- Capability inventory: The skill is limited to generating formatted reports and routing recommendations; it does not possess high-risk capabilities such as arbitrary command execution, file system writing, or persistence mechanisms.
- Sanitization: No evidence of data sanitization, escaping, or validation of the ingested external content was found in the instructions.
Audit Metadata