digest
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection Surface: The skill gathers data from external, user-controlled, or third-party sources such as emails and chat logs. This data is considered untrusted and could contain hidden instructions that attempt to influence the agent's behavior while it is performing the digest task.
- Ingestion points: Data is retrieved from several external sources including
~~chat,~~email,~~cloud storage,~~project tracker,~~CRM, and~~knowledge baseas defined inSKILL.md. - Boundary markers: The instructions do not define specific delimiters or instructions for the agent to ignore any command-like text found within the ingested content.
- Capability inventory: The skill's primary capabilities involve searching, extracting, and formatting text summaries from the connected sources.
- Sanitization: The skill does not currently specify methods for sanitizing or filtering external content before it is processed into the final summary output.
Audit Metadata