internal-comms
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of instructional Markdown files. No scripts, binaries, or other executable files are included.
- [PROMPT_INJECTION]: The skill instructions create a potential surface for indirect prompt injection attacks.
- Ingestion points: Guideline files such as 'examples/3p-updates.md', 'examples/company-newsletter.md', and 'examples/faq-answers.md' direct the agent to read data from Slack, Google Drive, Email, and Calendar.
- Boundary markers: There are no instructions for the agent to use delimiters or ignore embedded commands within the retrieved documents or messages.
- Capability inventory: The skill is designed to work with an agent that has permissions to access internal communication and document storage tools.
- Sanitization: The provided workflows lack any guidance on sanitizing or validating the retrieved information before it is used in generated summaries.
Audit Metadata