lead-gen
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from web search results and user-provided lists to qualify prospects and generate outreach messages. This creates an indirect prompt injection surface where malicious instructions embedded in web content could attempt to influence the agent's behavior.
- Ingestion points: Web search results and user-provided lead lists (SKILL.md).
- Boundary markers: Absent; the skill instructions do not specify the use of delimiters or warnings to ignore instructions within the processed data.
- Capability inventory: The skill is designed to generate outreach drafts and lead tables; no high-risk capabilities like file system access or command execution are defined.
- Sanitization: Absent; no validation or sanitization of external data is specified in the instructions.
- [NO_CODE]: The skill consists of markdown instructions and does not include any accompanying scripts, binaries, or configuration files that would execute code.
Audit Metadata