sales-leadlee

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: All instructions and reference materials are focused on providing benign user support for the Leadlee platform.
  • [PROMPT_INJECTION]: The skill implements a self-improvement mechanism (Category 8) where it reads and appends to references/learnings.md. This creates a potential surface for indirect prompt injection. * Ingestion points: The references/learnings.md file and user inputs are ingested into the agent context. * Boundary markers: No delimiters are present to isolate or ignore instructions embedded in the learned data. * Capability inventory: The skill does not have access to dangerous capabilities like network requests, sensitive file access, or arbitrary code execution. * Sanitization: The skill does not sanitize user input before persisting it to the learnings file.
  • [COMMAND_EXECUTION]: Documentation includes a command using npx for installing related skills. This is provided for informational purposes and is not executed by the agent automatically.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 12:21 AM
Security Audit — agent-trust-hub — sales-leadlee