discover-brand
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- Enterprise Platform Integration: The skill interacts with well-known enterprise services such as Google Drive, Notion, and Slack to retrieve brand-related documents. These operations are essential for the skill's purpose and rely on standard platform connections.
- Local Workspace Management: Configuration settings are read from and discovery reports are saved to the local .claude/ directory within the working folder. This approach ensures that data is managed within the user's expected environment and follows localized file management practices.
- Data Ingestion and Analysis: The agent processes information from various external sources (Notion, Google Drive, Slack, etc.) as described in SKILL.md. This ingestion represents a surface for indirect prompt injection where external content enters the agent context.
- Mitigation and Validation Mechanisms: To address data ingestion risks, the skill follows a structured workflow including user orientation and scope confirmation. Additionally, it implements a detailed source ranking algorithm (as seen in source-ranking.md) to prioritize authoritative and recent content, which serves to validate the relevance and reliability of the ingested materials.
- Agent Orchestration: The skill delegates discovery tasks to a specialized agent using the Task tool. This modular design provides a clear separation of concerns and follows established patterns for complex multi-step agent workflows.
Audit Metadata