sequence-load
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from external sources, specifically Gmail drafts and HTML reports, which are then used to drive actions in Apollo and HubSpot. This creates a surface for indirect prompt injection if the source data contains malicious instructions.
- Ingestion points: Data is read from Gmail drafts and HTML reports in Stage 1.
- Boundary markers: There are no explicit delimiters or safety instructions provided to the agent to treat the ingested data as untrusted content.
- Capability inventory: The skill possesses significant capabilities including creating contacts and enrolling them in outreach sequences in Apollo, as well as creating or modifying records in HubSpot via the manage_crm_objects tool.
- Sanitization: The skill performs basic validation of data formats (email, phone) but lacks content sanitization to prevent the execution of instructions embedded within the processed data.
Audit Metadata