Pipedrive Automation
Pass
Audited by Gen Agent Trust Hub on Jun 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard documentation and configuration for CRM automation. The YAML configurations for triggers and actions are declarative and used by the platform to manage workflows.
- [DATA_EXFILTRATION]: While the skill describes integrations with external services like Slack and Google Calendar, these are standard functional requirements for a CRM tool. No unauthorized network operations or exfiltration scripts were identified.
- [PROMPT_INJECTION]: The skill contains templates for email outreach and Slack notifications that interpolate data from CRM fields (e.g.,
{{company_insight}},{{first_name}}). This represents a potential surface for indirect prompt injection if an attacker provides malicious data in these CRM fields, but the skill itself does not contain malicious instructions.
Audit Metadata