sales-enrichso

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected. The skill provides legitimate documentation for interacting with the Enrich.so API.
  • [SAFE]: The skill has an inherent surface for indirect prompt injection as it processes user-supplied identifiers (emails, LinkedIn URLs) and external API data. This is standard for enrichment tools and does not indicate malicious intent.
  • Ingestion points: Processes user-provided identifiers and CSV files in SKILL.md (Step 1, Step 4) and handles JSON data from the api.enrich.so API.
  • Boundary markers: No specific delimiters or ignore instructions are provided for wrapping untrusted data returned from the external API.
  • Capability inventory: The skill facilitates network requests to api.enrich.so and reads internal reference files in the references/ directory.
  • Sanitization: No explicit input validation or output escaping for external data is described.
  • [EXTERNAL_DOWNLOADS]: The skill mentions an installation command for a related routing tool from the same vendor (npx skills add sales-skills/sales). This is a legitimate vendor resource used for expanding agent capabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 06:26 PM
Security Audit — agent-trust-hub — sales-enrichso