inbound-lead-enrichment
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill transmits lead information, such as names, email domains, and company details, to external research providers (SixtyFour, Orthogonal) and CRM platforms (HubSpot, Salesforce). While this is core to its functionality, it represents a data flow to third-party services outside the immediate agent environment.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it ingests and analyzes data from external, untrusted sources like company websites and LinkedIn profiles to generate lead insights.\n
- Ingestion points: Company websites, LinkedIn profiles, news articles, and social media activity summaries retrieved during research (SKILL.md).\n
- Boundary markers: Absent; there are no instructions to the agent to treat external research data as untrusted or to ignore instructions embedded within that data.\n
- Capability inventory: The skill can update lead records in CRMs, write to local CSV files, and perform automated research tasks based on findings (SKILL.md).\n
- Sanitization: No content filtering or validation is specified for the data retrieved from the web before it is incorporated into lead profiles.
Audit Metadata