team-communications
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill package is composed entirely of markdown instructions and templates. No executable scripts, binaries, or other code components are included.
- [SAFE]: Information gathering is restricted to reading from authorized internal sources (Slack, Gmail, Google Drive) via standard platform tools for the purpose of summarization. There are no mechanisms for unauthorized data exfiltration or external network requests.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection due to its core function of processing untrusted data from communication platforms.
- Ingestion points: Slack messages, Gmail threads, Google Drive documents, and Calendar events (specified in SKILL.md and reference templates).
- Boundary markers: The templates do not utilize specific delimiters to isolate retrieved external data from the agent's instructions.
- Capability inventory: The skill is limited to drafting and formatting text; it does not include tools for command execution, file system writes, or dynamic code evaluation.
- Sanitization: There are no explicit instructions for the validation or sanitization of content retrieved from external sources.
Audit Metadata