internal-comms
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by instructing the agent to ingest and summarize content from multi-user internal platforms like Slack, Google Drive, and Email.\n- Ingestion points: Data is sourced from Slack channels, shared documents, and email threads as described in examples/3p-updates.md, examples/company-newsletter.md, and examples/faq-answers.md.\n- Boundary markers: Absent. No instructions are provided to use delimiters or ignore embedded commands within the retrieved text.\n- Capability inventory: No executable scripts or subprocess calls are included in the skill; however, the instructions assume the agent has read access to corporate communication tools.\n- Sanitization: Absent. There is no requirement to filter or validate content pulled from external sources before it is processed for summaries.\n- [NO_CODE]: This skill consists entirely of Markdown-based guidelines and templates and does not contain any executable code or dependencies.
Audit Metadata