sales-enrich
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behaviors, obfuscation, or unauthorized data access patterns were detected. The skill is purely instructional and follows security best practices for credential management by using placeholders for API keys.
- [COMMAND_EXECUTION]: The documentation references a standard installation command for the vendor's toolset (npx skills add sales-skills/sales), which is a legitimate and expected use of the command-line interface within this ecosystem.
- [SAFE]: The skill possesses an indirect prompt injection surface as it is designed to process external lead lists and CRM records. 1. Ingestion points: User-supplied data from CRM systems (Salesforce, HubSpot) and CSV files. 2. Boundary markers: Not explicitly defined in the instructional text. 3. Capability inventory: Performing network-based API requests to multiple enrichment services and updating CRM records. 4. Sanitization: Not specified, which is consistent for an instructional guide outlining agent logic.
Audit Metadata