leadgenius-api
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: HIGHCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- Category 2 (Data Exposure & Exfiltration) (HIGH): Hardcoded API credentials found in multiple script files. * Evidence: The scripts
scripts/create_edu_demo.py,scripts/create_fin_demo.py, andscripts/fix_leads.pycontain the hardcoded keyda2-5u4a7hbhvbb2fdsj2ys2h2pljypassed as thex-api-keyheader to a production AWS AppSync GraphQL endpoint. - Category 8 (Indirect Prompt Injection) (LOW): The skill provides a surface for indirect prompt injection by processing external data from CSV files. * Ingestion points:
scripts/import_csv.py(reads data from user-supplied CSV files). * Boundary markers: Absent. No specific delimiters or instructions are used to separate untrusted data from the agent's internal logic. * Capability inventory: The skill uses therequestslibrary acrossscripts/api_call.py,scripts/auth.py,scripts/import_csv.py, andscripts/lead_distribution.pyto perform network operations. * Sanitization: Absent. No escaping or validation is performed on the CSV fields before they are incorporated into API requests.
Recommendations
- AI detected serious security threats
Audit Metadata