sales-lemlist
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to process external data from the Lemlist platform.
- Ingestion points: Data retrieved from the Lemlist People Database, Lead management, and Unified Inbox as documented in references/lemlist-api-reference.md.
- Boundary markers: The skill does not define specific delimiters or instructions for the agent to ignore potentially malicious commands embedded within retrieved lead or message data.
- Capability inventory: The skill provides instructions and references for automated actions including sending emails and LinkedIn messages via API endpoints (POST /inbox/send/email, POST /inbox/send/linkedin).
- Sanitization: No sanitization or content validation procedures are described for data fetched through the Lemlist API.
- [SAFE]: All referenced domains and endpoints (lemlist.com) belong to a well-known technology service. No unauthorized access or exfiltration patterns were identified.
Audit Metadata