ad-lead-quality-analyzer

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to perform database queries (Postgres, MySQL) and API calls (Meta Marketing API) to retrieve campaign and lead data. These operations are necessary for the skill's primary function of joining disparate datasets.
  • [DATA_EXFILTRATION]: This tool is designed to access and process sensitive business data, including lead signups, CRM records, and marketing spend. While it does not specify an external destination for data exfiltration, the capability to aggregate PII and financial data represents a sensitive data exposure surface essential for the analysis.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface (Category 8) because it ingests and processes data from external sources that may be influenced by third parties:
  • Ingestion points: Lead records from signups, CRM data (Airtable, SQL databases), and Meta API campaign metadata found in SKILL.md Phases 0 and 2.
  • Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands within the processed data.
  • Capability inventory: Database querying, API access, and report generation.
  • Sanitization: No explicit data sanitization or validation steps are outlined for external lead data before it is incorporated into the analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:17 AM
Security Audit — agent-trust-hub — ad-lead-quality-analyzer