signal-detection-pipeline

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill coordinates the ingestion and processing of data from external, untrusted sources including job postings, Reddit, and LinkedIn content. This workflow creates a surface for indirect prompt injection, where malicious instructions hidden in the processed data could attempt to influence the agent's behavior during the lead scoring or outreach phases.
      • Ingestion points: External content fetched from job boards, Reddit, and LinkedIn (SKILL.md).
      • Boundary markers: No explicit delimiters or isolation instructions are provided in the playbook to separate untrusted data from the agent's system instructions.
      • Capability inventory: Orchestrates sub-skills with capabilities for web search, data extraction, and writing to Google Sheets.
      • Sanitization: No explicit validation or sanitization of ingested content is defined in these coordination instructions.
  • [NO_CODE]: The skill consists exclusively of markdown instructions and configuration metadata without any executable script files, which limits the risk of direct command execution or local file system abuse within this specific skill package.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 10:48 AM