email-finder
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill performs network requests to external domains and well-known services (Hunter.io, Apollo.io, Snov.io, and Clearbit) to retrieve contact information.
- [PROMPT_INJECTION]: Indirect prompt injection surface identified through untrusted data ingestion.
- Ingestion points: Untrusted HTML content is fetched from external domains as described in the scraping logic within
references/full-guide.md. - Boundary markers: Absent for the ingestion of scraped web content.
- Capability inventory: Network access and data retrieval capabilities are defined in
references/full-guide.md. - Sanitization: Employs regular expressions to isolate specific email patterns from the ingested raw text, providing basic validation of the harvested data.
Audit Metadata