personize-code-pipelines
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill architecture is well-structured for GTM automation. It adheres to security standards by managing all sensitive API keys (including HubSpot tokens, Salesforce credentials, and Personize keys) through environment variables rather than hardcoded values. The use of Zod for input validation across tasks further enhances reliability.
- [EXTERNAL_DOWNLOADS]: The skill connects to a number of well-known third-party services to facilitate data enrichment and communication. Integrated services include Google Cloud (Gmail API), HubSpot, Salesforce, Slack, Twilio, SendGrid, and data providers such as Apollo.io, Tavily, and Exa. All of these interactions are necessary for the skill's primary purpose.
- [PROMPT_INJECTION]: The skill's functionality includes processing untrusted content from external sources, which presents a surface for indirect prompt injection.
- Ingestion points: The skill ingests untrusted content from inbound email bodies in pipelines/conversational/email-reply-handler.ts and from lead properties of CRM records in pipelines/crm/hubspot-lead-review.ts.
- Boundary markers: Untrusted content is interpolated into prompt instructions without explicit delimiters or instructions to disregard embedded commands.
- Capability inventory: The agent has the ability to perform actions such as sending emails, updating CRM status, and posting notifications to Slack.
- Sanitization: Content processing is limited to structural cleaning (e.g., stripping email quotes) and does not include semantic validation.
- Conclusion: This surface is inherent to any agent that automates communication and lead processing. Users are encouraged to use Personize's governance variables to manage AI behavior.
Audit Metadata