internal-comms
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest untrusted data from internal sources, creating a surface for indirect prompt injection. Ingestion points: Slack, Email, Google Drive, and Calendar mentioned in examples/3p-updates.md, examples/company-newsletter.md, and examples/faq-answers.md. Boundary markers: Absent. No instructions are provided to delimit or ignore instructions within the ingested data. Capability inventory: None; the skill contains no executable code. Sanitization: Absent; the skill does not instruct the agent to sanitize content from external sources.
Audit Metadata