internal-comms
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE (PROMPT_INJECTION, NO_CODE)
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from multiple corporate platforms to generate 3P updates, newsletters, and FAQs, which presents a risk of indirect prompt injection.
  - Ingestion points: Instructions in examples/3p-updates.md, examples/company-newsletter.md, and examples/faq-answers.md direct the agent to fetch and summarize content from Slack messages, emails, Google Drive documents, Calendar events, and external press releases.
  - Boundary markers: The instructions lack explicit delimiters or directives to ignore instructions that may be embedded in the ingested data.
  - Capability inventory: No executable scripts or code-based tools are provided within the skill files.
  - Sanitization: The instructions do not define any sanitization or validation steps for the retrieved external text.
- [NO_CODE]: The skill consists exclusively of markdown documentation and instructional files and does not contain any executable scripts, binary files, or package manager configurations.