Skills
skills/gooseworks-ai/goose-skills/disqualification-handling/Gen Agent Trust Hub

disqualification-handling

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes external lead data (names, company details) to generate outreach emails and update CRM records.
  • Ingestion points: External lead information ingested into the workflow as described in SKILL.md.
  • Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands within the lead data fields.
  • Capability inventory: The skill has access to email drafting tools, external CRM integrations (HubSpot, Mailchimp, Smartlead), and file system write access for CSV exports.
  • Sanitization: There is no evidence of input validation or sanitization of lead-provided strings before they are interpolated into draft templates or routed to tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 10:47 AM