apollo-lead-finder
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches lead data and contact enrichment information from the official Apollo.io API (
api.apollo.io). This is the primary intended function of the skill. - [COMMAND_EXECUTION]: The skill's documentation provides instructions for running Python scripts (
apollo_lead_finder.py) to execute the search and enrichment phases. These scripts are part of the skill's distribution. - [CREDENTIALS_UNSAFE]: The skill requires several sensitive environment variables (
APOLLO_API_KEY,SUPABASE_URL,SUPABASE_SERVICE_ROLE_KEY) to be provided in a local.envfile. This is a standard practice for local development and the skill does not contain hardcoded secrets or evidence of credential exfiltration. - [DATA_EXFILTRATION]: No malicious data exfiltration was detected. The script sends lead identifiers to the Apollo API for enrichment and saves the resulting data to local CSV files and a user-configured Supabase instance, as described in its functional specification.
Audit Metadata