signal-scanner
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Provides CLI commands for scanning companies and processing lead signals.
- [EXTERNAL_DOWNLOADS]: Connects to Apify for job search and LinkedIn scraping, and to Anthropic for content analysis.
- [PROMPT_INJECTION]: Skill contains instructional guidance to prevent the AI from executing database writes without explicit user confirmation, acting as a safety constraint.
- [INDIRECT_PROMPT_INJECTION]: The skill processes LinkedIn post content via LLM analysis, which represents a potential indirect prompt injection surface.
- Ingestion points: LinkedIn posts retrieved via Apify actors in scripts/signal_scanner.py.
- Boundary markers: None present in the LLM scoring prompt.
- Capability inventory: Database operations including signal insertion and lead status updates.
- Sanitization: Post content is truncated to 1000 characters.
Audit Metadata