lead-qualification
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection.
- Ingestion points: The load_leads function in SKILL.md processes data from external CSV and XLSX files.
- Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard potential commands or instructions found within the spreadsheet cells.
- Capability inventory: The skill utilizes the pandas library to perform file read operations and file write operations (via df.to_csv).
- Sanitization: No content validation or sanitization is performed on the values within the lead data before they are processed by the agent, allowing for potential manipulation of the scoring logic or agent responses.
Audit Metadata