internal-comms
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow for processing untrusted data from multiple corporate communication tools, which presents a surface for indirect prompt injection. Ingestion points: Slack, Email, Google Drive, and Calendar are specified as sources in examples/3p-updates.md, examples/company-newsletter.md, and examples/faq-answers.md. Boundary markers: No delimiters or instructions to ignore embedded commands within the ingested data are provided. Capability inventory: The skill utilizes the agent's core summarization and communication functions; no external code, scripts, or system access are shipped with the skill. Sanitization: The skill lacks mechanisms to sanitize or validate content retrieved from external tools before processing.
- [SAFE]: No malicious code, direct prompt injection, or data exfiltration patterns were detected in the skill's source files. All files are transparent Markdown guidelines and templates.
Audit Metadata