homerun-hr
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from external HRIS records, which constitutes an indirect prompt injection surface.
  - Ingestion points: Employee lists, department records, and payroll data retrieved via the HRIS unified API (SKILL.md).
  - Boundary markers: Absent; no specific delimiters or instructions are used to distinguish external data from skill logic.
  - Capability inventory: The skill is capable of reading and syncing sensitive HR data across 58 connectors.
  - Sanitization: Absent; the skill does not implement validation or filtering on the content of the retrieved records.
- [SAFE]: Secret management follows best practices by using environment variables (APIDECK_API_KEY, APIDECK_APP_ID) instead of hardcoded keys.
- [SAFE]: External dependencies (@apideck/unify) and network requests (unify.apideck.com, homerun.co) are limited to official vendor-owned resources.
Audit Metadata