internal-comms
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its design, which involves processing untrusted content from internal data sources.
- Ingestion points: Guidelines in
examples/3p-updates.md,examples/company-newsletter.md, andexamples/faq-answers.mddirect the agent to read content from Slack, Google Drive, Email, and Calendar. - Boundary markers: The instructions do not define any delimiters or provide warnings to ignore embedded instructions within the source data.
- Capability inventory: The skill enables the agent to use tool-calling for accessing sensitive internal communications and company documents.
- Sanitization: There are no instructions for sanitizing or validating the data retrieved from external sources before it is summarized.
Audit Metadata