loro
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests data from external Notion workspaces and previous conversation logs to provide project status. The ingestion of untrusted external content without defined boundary markers or sanitization logic presents a low-level vulnerability where malicious content in a Notion ticket could influence the agent's output.
- Ingestion points:
Notion:notion-searchandconversation_search. - Boundary markers: Absent.
- Capability inventory: Reasoning and text generation only; no write or execution capabilities present.
- Sanitization: Absent.
Audit Metadata