list-quality-scorecard
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external CSV files which are then incorporated into a scorecard report.
  - Ingestion points: The script `scripts/score-list.ts` reads lead lists from a CSV file provided via the `--list` argument.
  - Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the CSV data fields (such as job titles or company names) before they are processed and displayed in the output.
  - Capability inventory: The script's capabilities are restricted to local file system operations (`fs.readFileSync` and `fs.writeFileSync`) and do not include network access or shell execution of external data.
  - Sanitization: The script performs minimal cleaning (removing quotes) but does not sanitize the content to prevent the agent from obeying instructions that might be hidden within the CSV data.
Audit Metadata