brief
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- External Data Ingestion: The skill processes content from external sources like emails, chat messages, and CRM updates to generate summaries. Ingestion points include Email, Chat, CRM, and Newsletters (SKILL.md).
- Indirect Prompt Injection Surface: Because the skill interprets text from external communications, it is possible for such content to contain instructions aimed at influencing the agent's summary or recommendations. This is a common characteristic of agents processing untrusted input. The skill definition currently lacks explicit boundary markers to separate data from instructions.
- Capability Inventory: The actions performed are limited to synthesizing and formatting information into structured briefs. No patterns for arbitrary command execution or unauthorized file system modifications were identified in the provided skill definition.
- Data Access and Sensitivity: The skill is configured to access information areas including contract lifecycle management (CLM) and legal memos. It is important to ensure that source connectors are configured with appropriate access controls.